From 62fc8eab0dfd3f4c60c8f36fd3a544d6785ff2c6 Mon Sep 17 00:00:00 2001
From: Maksim Pechnikov <parallel588@gmail.com>
Date: Sat, 11 Jul 2020 07:20:35 +0300
Subject: fix reset confirmation email in admin section

---
 test/web/admin_api/controllers/admin_api_controller_test.exs | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index c2433f23c..b734a34a5 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -9,6 +9,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
   import ExUnit.CaptureLog
   import Mock
   import Pleroma.Factory
+  import Swoosh.TestAssertions
 
   alias Pleroma.Activity
   alias Pleroma.Config
@@ -1721,6 +1722,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                "@#{admin.nickname} re-sent confirmation email for users: @#{first_user.nickname}, @#{
                  second_user.nickname
                }"
+
+      ObanHelpers.perform_all()
+      assert_email_sent(Pleroma.Emails.UserEmail.account_confirmation_email(first_user))
     end
   end
 
-- 
cgit v1.2.3


From 51ab8d0128970dd7458e93578acb36c20b1c185c Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 12 Jul 2020 20:14:57 -0500
Subject: Add `account_approval_required` instance setting

---
 test/web/mastodon_api/controllers/instance_controller_test.exs | 1 +
 1 file changed, 1 insertion(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/instance_controller_test.exs b/test/web/mastodon_api/controllers/instance_controller_test.exs
index cc880d82c..8a4183283 100644
--- a/test/web/mastodon_api/controllers/instance_controller_test.exs
+++ b/test/web/mastodon_api/controllers/instance_controller_test.exs
@@ -38,6 +38,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceControllerTest do
            } = result
 
     assert result["pleroma"]["metadata"]["account_activation_required"] != nil
+    assert result["pleroma"]["metadata"]["account_approval_required"] != nil
     assert result["pleroma"]["metadata"]["features"]
     assert result["pleroma"]["metadata"]["federation"]
     assert result["pleroma"]["metadata"]["fields_limits"]
-- 
cgit v1.2.3


From e4e557781877c7c3e4f6197cc52963025485dbb3 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 12 Jul 2020 20:15:27 -0500
Subject: Prevent unapproved users from logging in

---
 test/web/oauth/oauth_controller_test.exs | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs
index d389e4ce0..ec5b78750 100644
--- a/test/web/oauth/oauth_controller_test.exs
+++ b/test/web/oauth/oauth_controller_test.exs
@@ -19,7 +19,10 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
     key: "_test",
     signing_salt: "cooldude"
   ]
-  setup do: clear_config([:instance, :account_activation_required])
+  setup do
+    clear_config([:instance, :account_activation_required])
+    clear_config([:instance, :account_approval_required])
+  end
 
   describe "in OAuth consumer mode, " do
     setup do
@@ -995,6 +998,31 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
              }
     end
 
+    test "rejects token exchange for valid credentials belonging to an unapproved user and approval is required" do
+      Pleroma.Config.put([:instance, :account_approval_required], true)
+      password = "testpassword"
+
+      user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password), approval_pending: true)
+
+      refute Pleroma.User.account_status(user) == :active
+
+      app = insert(:oauth_app)
+
+      conn =
+        build_conn()
+        |> post("/oauth/token", %{
+          "grant_type" => "password",
+          "username" => user.nickname,
+          "password" => password,
+          "client_id" => app.client_id,
+          "client_secret" => app.client_secret
+        })
+
+      assert resp = json_response(conn, 403)
+      assert %{"error" => _} = resp
+      refute Map.has_key?(resp, "access_token")
+    end
+
     test "rejects an invalid authorization code" do
       app = insert(:oauth_app)
 
-- 
cgit v1.2.3


From 2aac92e9e05ba76903795cdddea652d7e444e701 Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Mon, 13 Jul 2020 14:27:25 +0200
Subject: Transmogrifier.fix_in_reply_to/2: Use warn for non-fatal fail to get
 replied-to post

---
 test/web/activity_pub/transmogrifier_test.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index f7b7d1a9f..fd8e7f24f 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -160,7 +160,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
 
       assert capture_log(fn ->
                {:ok, _returned_activity} = Transmogrifier.handle_incoming(data)
-             end) =~ "[error] Couldn't fetch \"https://404.site/whatever\", error: nil"
+             end) =~ "[warn] Couldn't fetch \"https://404.site/whatever\", error: nil"
     end
 
     test "it works for incoming notices" do
-- 
cgit v1.2.3


From 5ddf0415c4fd6021422eb38b4625c01ad27582c5 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 00:22:12 -0500
Subject: Accept `reason` in POST /api/v1/accounts and store in DB

---
 .../controllers/account_controller_test.exs        | 70 ++++++++++++++++++++++
 1 file changed, 70 insertions(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index 9c7b5e9b2..28d21371a 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -885,6 +885,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
     end
 
     setup do: clear_config([:instance, :account_activation_required])
+    setup do: clear_config([:instance, :account_approval_required])
 
     test "Account registration via Application", %{conn: conn} do
       conn =
@@ -949,6 +950,75 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       assert token_from_db.user.confirmation_pending
     end
 
+    test "Account registration via app with account_approval_required", %{conn: conn} do
+      Pleroma.Config.put([:instance, :account_approval_required], true)
+
+      conn =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/v1/apps", %{
+          client_name: "client_name",
+          redirect_uris: "urn:ietf:wg:oauth:2.0:oob",
+          scopes: "read, write, follow"
+        })
+
+      assert %{
+               "client_id" => client_id,
+               "client_secret" => client_secret,
+               "id" => _,
+               "name" => "client_name",
+               "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob",
+               "vapid_key" => _,
+               "website" => nil
+             } = json_response_and_validate_schema(conn, 200)
+
+      conn =
+        post(conn, "/oauth/token", %{
+          grant_type: "client_credentials",
+          client_id: client_id,
+          client_secret: client_secret
+        })
+
+      assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} =
+               json_response(conn, 200)
+
+      assert token
+      token_from_db = Repo.get_by(Token, token: token)
+      assert token_from_db
+      assert refresh
+      assert scope == "read write follow"
+
+      conn =
+        build_conn()
+        |> put_req_header("content-type", "multipart/form-data")
+        |> put_req_header("authorization", "Bearer " <> token)
+        |> post("/api/v1/accounts", %{
+          username: "lain",
+          email: "lain@example.org",
+          password: "PlzDontHackLain",
+          bio: "Test Bio",
+          agreement: true,
+          reason: "I'm a cool dude, bro"
+        })
+
+      %{
+        "access_token" => token,
+        "created_at" => _created_at,
+        "scope" => ^scope,
+        "token_type" => "Bearer"
+      } = json_response_and_validate_schema(conn, 200)
+
+      token_from_db = Repo.get_by(Token, token: token)
+      assert token_from_db
+      token_from_db = Repo.preload(token_from_db, :user)
+      assert token_from_db.user
+
+      assert token_from_db.user.confirmation_pending
+      assert token_from_db.user.approval_pending
+
+      assert token_from_db.user.registration_reason == "I'm a cool dude, bro"
+    end
+
     test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do
       _user = insert(:user, email: "lain@example.org")
       app_token = insert(:oauth_token, user: nil)
-- 
cgit v1.2.3


From a1570ba6ad4c871df3783d06772b2eb8d2d6c4f1 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 13:04:57 -0500
Subject: AdminAPI: Return `registration_reason` with users

---
 .../controllers/admin_api_controller_test.exs      | 70 +++++++++++++++-------
 1 file changed, 47 insertions(+), 23 deletions(-)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index c2433f23c..556e8d97a 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -338,7 +338,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         "avatar" => User.avatar_url(user) |> MediaProxy.url(),
         "display_name" => HTML.strip_tags(user.name || user.nickname),
         "confirmation_pending" => false,
-        "url" => user.ap_id
+        "url" => user.ap_id,
+        "registration_reason" => nil
       }
 
       assert expected == json_response(conn, 200)
@@ -601,7 +602,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
 
   describe "GET /api/pleroma/admin/users" do
     test "renders users array for the first page", %{conn: conn, admin: admin} do
-      user = insert(:user, local: false, tags: ["foo", "bar"])
+      user =
+        insert(:user, local: false, tags: ["foo", "bar"], registration_reason: "I'm a chill dude")
+
       conn = get(conn, "/api/pleroma/admin/users?page=1")
 
       users =
@@ -616,7 +619,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
-            "url" => admin.ap_id
+            "url" => admin.ap_id,
+            "registration_reason" => nil
           },
           %{
             "deactivated" => user.deactivated,
@@ -628,7 +632,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user.name || user.nickname),
             "confirmation_pending" => false,
-            "url" => user.ap_id
+            "url" => user.ap_id,
+            "registration_reason" => "I'm a chill dude"
           }
         ]
         |> Enum.sort_by(& &1["nickname"])
@@ -701,7 +706,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -727,7 +733,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -753,7 +760,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -779,7 +787,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -805,7 +814,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -831,7 +841,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -852,7 +863,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user2.name || user2.nickname),
                    "confirmation_pending" => false,
-                   "url" => user2.ap_id
+                   "url" => user2.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -885,7 +897,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -911,7 +924,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user.name || user.nickname),
             "confirmation_pending" => false,
-            "url" => user.ap_id
+            "url" => user.ap_id,
+            "registration_reason" => nil
           },
           %{
             "deactivated" => admin.deactivated,
@@ -923,7 +937,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
-            "url" => admin.ap_id
+            "url" => admin.ap_id,
+            "registration_reason" => nil
           },
           %{
             "deactivated" => false,
@@ -935,7 +950,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
             "confirmation_pending" => false,
-            "url" => old_admin.ap_id
+            "url" => old_admin.ap_id,
+            "registration_reason" => nil
           }
         ]
         |> Enum.sort_by(& &1["nickname"])
@@ -966,7 +982,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
-            "url" => admin.ap_id
+            "url" => admin.ap_id,
+            "registration_reason" => nil
           },
           %{
             "deactivated" => false,
@@ -978,7 +995,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
             "confirmation_pending" => false,
-            "url" => second_admin.ap_id
+            "url" => second_admin.ap_id,
+            "registration_reason" => nil
           }
         ]
         |> Enum.sort_by(& &1["nickname"])
@@ -1011,7 +1029,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
                    "confirmation_pending" => false,
-                   "url" => moderator.ap_id
+                   "url" => moderator.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -1037,7 +1056,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user1) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user1.name || user1.nickname),
             "confirmation_pending" => false,
-            "url" => user1.ap_id
+            "url" => user1.ap_id,
+            "registration_reason" => nil
           },
           %{
             "deactivated" => false,
@@ -1049,7 +1069,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user2.name || user2.nickname),
             "confirmation_pending" => false,
-            "url" => user2.ap_id
+            "url" => user2.ap_id,
+            "registration_reason" => nil
           }
         ]
         |> Enum.sort_by(& &1["nickname"])
@@ -1089,7 +1110,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
-                   "url" => user.ap_id
+                   "url" => user.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -1114,7 +1136,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(admin.name || admin.nickname),
                    "confirmation_pending" => false,
-                   "url" => admin.ap_id
+                   "url" => admin.ap_id,
+                   "registration_reason" => nil
                  }
                ]
              }
@@ -1177,7 +1200,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                "display_name" => HTML.strip_tags(user.name || user.nickname),
                "confirmation_pending" => false,
-               "url" => user.ap_id
+               "url" => user.ap_id,
+               "registration_reason" => nil
              }
 
     log_entry = Repo.one(ModerationLog)
-- 
cgit v1.2.3


From b750129da1434823746e3dbc237d0e04552fa753 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 13:47:05 -0500
Subject: AdminAPI: Return `approval_pending` with users

---
 .../controllers/admin_api_controller_test.exs      | 42 ++++++++++++++++++++--
 1 file changed, 39 insertions(+), 3 deletions(-)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index 556e8d97a..ccda5df3f 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -338,6 +338,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
         "avatar" => User.avatar_url(user) |> MediaProxy.url(),
         "display_name" => HTML.strip_tags(user.name || user.nickname),
         "confirmation_pending" => false,
+        "approval_pending" => false,
         "url" => user.ap_id,
         "registration_reason" => nil
       }
@@ -602,8 +603,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
 
   describe "GET /api/pleroma/admin/users" do
     test "renders users array for the first page", %{conn: conn, admin: admin} do
-      user =
-        insert(:user, local: false, tags: ["foo", "bar"], registration_reason: "I'm a chill dude")
+      user = insert(:user, local: false, tags: ["foo", "bar"])
+      user2 = insert(:user, approval_pending: true, registration_reason: "I'm a chill dude")
 
       conn = get(conn, "/api/pleroma/admin/users?page=1")
 
@@ -619,6 +620,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => admin.ap_id,
             "registration_reason" => nil
           },
@@ -632,14 +634,29 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user.name || user.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => user.ap_id,
+            "registration_reason" => nil
+          },
+          %{
+            "deactivated" => user2.deactivated,
+            "id" => user2.id,
+            "nickname" => user2.nickname,
+            "roles" => %{"admin" => false, "moderator" => false},
+            "local" => true,
+            "tags" => [],
+            "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
+            "display_name" => HTML.strip_tags(user2.name || user2.nickname),
+            "confirmation_pending" => false,
+            "approval_pending" => true,
+            "url" => user2.ap_id,
             "registration_reason" => "I'm a chill dude"
           }
         ]
         |> Enum.sort_by(& &1["nickname"])
 
       assert json_response(conn, 200) == %{
-               "count" => 2,
+               "count" => 3,
                "page_size" => 50,
                "users" => users
              }
@@ -706,6 +723,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -733,6 +751,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -760,6 +779,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -787,6 +807,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -814,6 +835,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -841,6 +863,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -863,6 +886,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user2.name || user2.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user2.ap_id,
                    "registration_reason" => nil
                  }
@@ -897,6 +921,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -924,6 +949,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user.name || user.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => user.ap_id,
             "registration_reason" => nil
           },
@@ -937,6 +963,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => admin.ap_id,
             "registration_reason" => nil
           },
@@ -950,6 +977,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(old_admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(old_admin.name || old_admin.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => old_admin.ap_id,
             "registration_reason" => nil
           }
@@ -982,6 +1010,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(admin.name || admin.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => admin.ap_id,
             "registration_reason" => nil
           },
@@ -995,6 +1024,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(second_admin) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(second_admin.name || second_admin.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => second_admin.ap_id,
             "registration_reason" => nil
           }
@@ -1029,6 +1059,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(moderator) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(moderator.name || moderator.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => moderator.ap_id,
                    "registration_reason" => nil
                  }
@@ -1056,6 +1087,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user1) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user1.name || user1.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => user1.ap_id,
             "registration_reason" => nil
           },
@@ -1069,6 +1101,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
             "avatar" => User.avatar_url(user2) |> MediaProxy.url(),
             "display_name" => HTML.strip_tags(user2.name || user2.nickname),
             "confirmation_pending" => false,
+            "approval_pending" => false,
             "url" => user2.ap_id,
             "registration_reason" => nil
           }
@@ -1110,6 +1143,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(user.name || user.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => user.ap_id,
                    "registration_reason" => nil
                  }
@@ -1136,6 +1170,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                    "avatar" => User.avatar_url(admin) |> MediaProxy.url(),
                    "display_name" => HTML.strip_tags(admin.name || admin.nickname),
                    "confirmation_pending" => false,
+                   "approval_pending" => false,
                    "url" => admin.ap_id,
                    "registration_reason" => nil
                  }
@@ -1200,6 +1235,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
                "avatar" => User.avatar_url(user) |> MediaProxy.url(),
                "display_name" => HTML.strip_tags(user.name || user.nickname),
                "confirmation_pending" => false,
+               "approval_pending" => false,
                "url" => user.ap_id,
                "registration_reason" => nil
              }
-- 
cgit v1.2.3


From 33f1b29b2c9cfe6f09c6b088b8b6f7bf14379b9b Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 14:14:43 -0500
Subject: AdminAPI: Filter users by `need_approval`

---
 .../controllers/admin_api_controller_test.exs      | 38 ++++++++++++++++++++++
 test/web/admin_api/search_test.exs                 | 11 +++++++
 2 files changed, 49 insertions(+)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index ccda5df3f..9cc8b1879 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -991,6 +991,44 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
              }
     end
 
+    test "only unapproved users", %{conn: conn} do
+      user =
+        insert(:user,
+          nickname: "sadboy",
+          approval_pending: true,
+          registration_reason: "Plz let me in!"
+        )
+
+      insert(:user, nickname: "happyboy", approval_pending: false)
+
+      conn = get(conn, "/api/pleroma/admin/users?filters=need_approval")
+
+      users =
+        [
+          %{
+            "deactivated" => user.deactivated,
+            "id" => user.id,
+            "nickname" => user.nickname,
+            "roles" => %{"admin" => false, "moderator" => false},
+            "local" => true,
+            "tags" => [],
+            "avatar" => User.avatar_url(user) |> MediaProxy.url(),
+            "display_name" => HTML.strip_tags(user.name || user.nickname),
+            "confirmation_pending" => false,
+            "approval_pending" => true,
+            "url" => user.ap_id,
+            "registration_reason" => "Plz let me in!"
+          }
+        ]
+        |> Enum.sort_by(& &1["nickname"])
+
+      assert json_response(conn, 200) == %{
+               "count" => 1,
+               "page_size" => 50,
+               "users" => users
+             }
+    end
+
     test "load only admins", %{conn: conn, admin: admin} do
       second_admin = insert(:user, is_admin: true)
       insert(:user)
diff --git a/test/web/admin_api/search_test.exs b/test/web/admin_api/search_test.exs
index e0e3d4153..b974cedd5 100644
--- a/test/web/admin_api/search_test.exs
+++ b/test/web/admin_api/search_test.exs
@@ -166,5 +166,16 @@ defmodule Pleroma.Web.AdminAPI.SearchTest do
       assert total == 3
       assert count == 1
     end
+
+    test "it returns unapproved user" do
+      unapproved = insert(:user, approval_pending: true)
+      insert(:user)
+      insert(:user)
+
+      {:ok, _results, total} = Search.user()
+      {:ok, [^unapproved], count} = Search.user(%{need_approval: true})
+      assert total == 3
+      assert count == 1
+    end
   end
 end
-- 
cgit v1.2.3


From 20d24741af8ae755ce7f753680a55ca24ef7c1d4 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 18:02:44 -0500
Subject: AdminAPI: Add `PATCH /api/pleroma/admin/users/approve` endpoint

---
 .../controllers/admin_api_controller_test.exs        | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
index 9cc8b1879..351df8883 100644
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -1257,6 +1257,26 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
              "@#{admin.nickname} deactivated users: @#{user_one.nickname}, @#{user_two.nickname}"
   end
 
+  test "PATCH /api/pleroma/admin/users/approve", %{admin: admin, conn: conn} do
+    user_one = insert(:user, approval_pending: true)
+    user_two = insert(:user, approval_pending: true)
+
+    conn =
+      patch(
+        conn,
+        "/api/pleroma/admin/users/approve",
+        %{nicknames: [user_one.nickname, user_two.nickname]}
+      )
+
+    response = json_response(conn, 200)
+    assert Enum.map(response["users"], & &1["approval_pending"]) == [false, false]
+
+    log_entry = Repo.one(ModerationLog)
+
+    assert ModerationLog.get_log_entry_message(log_entry) ==
+             "@#{admin.nickname} approved users: @#{user_one.nickname}, @#{user_two.nickname}"
+  end
+
   test "PATCH /api/pleroma/admin/users/:nickname/toggle_activation", %{admin: admin, conn: conn} do
     user = insert(:user)
 
-- 
cgit v1.2.3


From 0d004a9d046f279be8462e8c751b5f1bcec3d35b Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 14 Jul 2020 20:31:20 -0500
Subject: Email admins when a new unapproved account is up for review

---
 test/web/twitter_api/twitter_api_test.exs | 37 +++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

(limited to 'test/web')

diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs
index 368533292..df9d59f6a 100644
--- a/test/web/twitter_api/twitter_api_test.exs
+++ b/test/web/twitter_api/twitter_api_test.exs
@@ -4,6 +4,7 @@
 
 defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
   use Pleroma.DataCase
+  import Pleroma.Factory
   alias Pleroma.Repo
   alias Pleroma.Tests.ObanHelpers
   alias Pleroma.User
@@ -85,6 +86,42 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
     )
   end
 
+  test "it sends an admin email if :account_approval_required is specified in instance config" do
+    admin = insert(:user, is_admin: true)
+    setting = Pleroma.Config.get([:instance, :account_approval_required])
+
+    unless setting do
+      Pleroma.Config.put([:instance, :account_approval_required], true)
+      on_exit(fn -> Pleroma.Config.put([:instance, :account_approval_required], setting) end)
+    end
+
+    data = %{
+      :username => "lain",
+      :email => "lain@wired.jp",
+      :fullname => "lain iwakura",
+      :bio => "",
+      :password => "bear",
+      :confirm => "bear",
+      :reason => "I love anime"
+    }
+
+    {:ok, user} = TwitterAPI.register_user(data)
+    ObanHelpers.perform_all()
+
+    assert user.approval_pending
+
+    email = Pleroma.Emails.AdminEmail.new_unapproved_registration(admin, user)
+
+    notify_email = Pleroma.Config.get([:instance, :notify_email])
+    instance_name = Pleroma.Config.get([:instance, :name])
+
+    Swoosh.TestAssertions.assert_email_sent(
+      from: {instance_name, notify_email},
+      to: {admin.name, admin.email},
+      html_body: email.html_body
+    )
+  end
+
   test "it registers a new user and parses mentions in the bio" do
     data1 = %{
       :username => "john",
-- 
cgit v1.2.3


From 9ce95fa68f933c911c10e640b9a32ddae8a631c9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Wed, 15 Jul 2020 17:04:30 -0500
Subject: Use `approval_required` in /api/v1/instance

---
 test/web/mastodon_api/controllers/instance_controller_test.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/instance_controller_test.exs b/test/web/mastodon_api/controllers/instance_controller_test.exs
index 8a4183283..6a9ccd979 100644
--- a/test/web/mastodon_api/controllers/instance_controller_test.exs
+++ b/test/web/mastodon_api/controllers/instance_controller_test.exs
@@ -27,6 +27,7 @@ defmodule Pleroma.Web.MastodonAPI.InstanceControllerTest do
              "thumbnail" => _,
              "languages" => _,
              "registrations" => _,
+             "approval_required" => _,
              "poll_limits" => _,
              "upload_limit" => _,
              "avatar_upload_limit" => _,
@@ -38,7 +39,6 @@ defmodule Pleroma.Web.MastodonAPI.InstanceControllerTest do
            } = result
 
     assert result["pleroma"]["metadata"]["account_activation_required"] != nil
-    assert result["pleroma"]["metadata"]["account_approval_required"] != nil
     assert result["pleroma"]["metadata"]["features"]
     assert result["pleroma"]["metadata"]["federation"]
     assert result["pleroma"]["metadata"]["fields_limits"]
-- 
cgit v1.2.3


From 15f8921b111bc38d0d9eb9ccd1fd09e41cdbc85e Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Fri, 17 Jul 2020 12:26:52 -0500
Subject: Test that unapproved users can never log in regardless of admin
 settings

---
 test/web/oauth/oauth_controller_test.exs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/oauth/oauth_controller_test.exs b/test/web/oauth/oauth_controller_test.exs
index ec5b78750..1200126b8 100644
--- a/test/web/oauth/oauth_controller_test.exs
+++ b/test/web/oauth/oauth_controller_test.exs
@@ -998,8 +998,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
              }
     end
 
-    test "rejects token exchange for valid credentials belonging to an unapproved user and approval is required" do
-      Pleroma.Config.put([:instance, :account_approval_required], true)
+    test "rejects token exchange for valid credentials belonging to an unapproved user" do
       password = "testpassword"
 
       user = insert(:user, password_hash: Pbkdf2.hash_pwd_salt(password), approval_pending: true)
-- 
cgit v1.2.3


From bdb3375933b17ffd596d9d870d797fcc47a4828b Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Tue, 21 Jul 2020 16:06:46 +0400
Subject: Allow unblocking a domain via query params

---
 .../controllers/domain_block_controller_test.exs       | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/domain_block_controller_test.exs b/test/web/mastodon_api/controllers/domain_block_controller_test.exs
index 01a24afcf..978290d62 100644
--- a/test/web/mastodon_api/controllers/domain_block_controller_test.exs
+++ b/test/web/mastodon_api/controllers/domain_block_controller_test.exs
@@ -32,6 +32,24 @@ defmodule Pleroma.Web.MastodonAPI.DomainBlockControllerTest do
     refute User.blocks?(user, other_user)
   end
 
+  test "unblocking a domain via query params" do
+    %{user: user, conn: conn} = oauth_access(["write:blocks"])
+    other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
+
+    User.block_domain(user, "dogwhistle.zone")
+    user = refresh_record(user)
+    assert User.blocks?(user, other_user)
+
+    ret_conn =
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> delete("/api/v1/domain_blocks?domain=dogwhistle.zone")
+
+    assert %{} == json_response_and_validate_schema(ret_conn, 200)
+    user = User.get_cached_by_ap_id(user.ap_id)
+    refute User.blocks?(user, other_user)
+  end
+
   test "getting a list of domain blocks" do
     %{user: user, conn: conn} = oauth_access(["read:blocks"])
 
-- 
cgit v1.2.3


From 109836306cc4bd4dfeb67aea0e9b78f77cd0b839 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@FreeBSD.org>
Date: Tue, 21 Jul 2020 17:27:13 -0500
Subject: Test that Emoji Packs can be listed when instance is not public

---
 test/web/pleroma_api/controllers/emoji_pack_controller_test.exs | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'test/web')

diff --git a/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs b/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs
index df58a5eb6..e113bb15f 100644
--- a/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs
+++ b/test/web/pleroma_api/controllers/emoji_pack_controller_test.exs
@@ -14,6 +14,8 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
               )
   setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], false)
 
+  setup do: clear_config([:instance, :public], true)
+
   setup do
     admin = insert(:user, is_admin: true)
     token = insert(:oauth_admin_token, user: admin)
@@ -27,6 +29,11 @@ defmodule Pleroma.Web.PleromaAPI.EmojiPackControllerTest do
     {:ok, %{admin_conn: admin_conn}}
   end
 
+  test "GET /api/pleroma/emoji/packs when :public: false", %{conn: conn} do
+    Config.put([:instance, :public], false)
+    conn |> get("/api/pleroma/emoji/packs") |> json_response_and_validate_schema(200)
+  end
+
   test "GET /api/pleroma/emoji/packs", %{conn: conn} do
     resp = conn |> get("/api/pleroma/emoji/packs") |> json_response_and_validate_schema(200)
 
-- 
cgit v1.2.3


From 0cb9e1da746ee5bfb8147cead3944f0e13fb447f Mon Sep 17 00:00:00 2001
From: Lain Soykaf <lain@soykaf.club>
Date: Wed, 22 Jul 2020 14:44:06 +0200
Subject: StatusView: Handle badly formatted emoji reactions.

---
 test/web/mastodon_api/views/status_view_test.exs | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs
index fa26b3129..8791d3573 100644
--- a/test/web/mastodon_api/views/status_view_test.exs
+++ b/test/web/mastodon_api/views/status_view_test.exs
@@ -56,6 +56,23 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
            ]
   end
 
+  test "works correctly with badly formatted emojis" do
+    user = insert(:user)
+    {:ok, activity} = CommonAPI.post(user, %{status: "yo"})
+
+    activity
+    |> Object.normalize(false)
+    |> Object.update_data(%{"reactions" => %{"☕" => [user.ap_id], "x" => 1}})
+
+    activity = Activity.get_by_id(activity.id)
+
+    status = StatusView.render("show.json", activity: activity, for: user)
+
+    assert status[:pleroma][:emoji_reactions] == [
+             %{name: "☕", count: 1, me: true}
+           ]
+  end
+
   test "loads and returns the direct conversation id when given the `with_direct_conversation_id` option" do
     user = insert(:user)
 
-- 
cgit v1.2.3


From 6f5f7af607518b6f67df68bab9bf76142e9a622c Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Wed, 22 Jul 2020 19:06:00 +0300
Subject: [#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with
 truish :restrict_unauthenticated. Made
 `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or
 :force option in order to prevent incorrect rendering of empty map instead of
 expected user representation with truish :restrict_unauthenticated setting.

---
 test/web/activity_pub/activity_pub_test.exs        |  2 +-
 test/web/activity_pub/transmogrifier_test.exs      |  2 +-
 test/web/activity_pub/utils_test.exs               |  2 +-
 test/web/admin_api/views/report_view_test.exs      | 21 +++++-----
 test/web/mastodon_api/views/account_view_test.exs  | 38 ++++++++++++------
 test/web/mastodon_api/views/status_view_test.exs   |  2 +-
 .../controllers/chat_controller_test.exs           | 22 +++++++++++
 test/web/pleroma_api/views/chat_view_test.exs      |  2 +-
 test/web/twitter_api/twitter_api_test.exs          | 45 +++++++---------------
 9 files changed, 79 insertions(+), 57 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index f3951462f..34905a928 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -1179,7 +1179,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
         "id" => activity_ap_id,
         "content" => content,
         "published" => activity_with_object.object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: target_account})
+        "actor" => AccountView.render("show.json", %{user: target_account, force: true})
       }
 
       assert %Activity{
diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index 248b410c6..01e18eace 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -710,7 +710,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
         "id" => activity.data["id"],
         "content" => "test post",
         "published" => object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: user})
+        "actor" => AccountView.render("show.json", %{user: user, force: true})
       }
 
       message = %{
diff --git a/test/web/activity_pub/utils_test.exs b/test/web/activity_pub/utils_test.exs
index 361dc5a41..ab984d486 100644
--- a/test/web/activity_pub/utils_test.exs
+++ b/test/web/activity_pub/utils_test.exs
@@ -482,7 +482,7 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
         "id" => activity_ap_id,
         "content" => content,
         "published" => activity.object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: target_account})
+        "actor" => AccountView.render("show.json", %{user: target_account, force: true})
       }
 
       assert %{
diff --git a/test/web/admin_api/views/report_view_test.exs b/test/web/admin_api/views/report_view_test.exs
index f00b0afb2..e171509e5 100644
--- a/test/web/admin_api/views/report_view_test.exs
+++ b/test/web/admin_api/views/report_view_test.exs
@@ -4,11 +4,14 @@
 
 defmodule Pleroma.Web.AdminAPI.ReportViewTest do
   use Pleroma.DataCase
+
   import Pleroma.Factory
+
+  alias Pleroma.Web.AdminAPI
   alias Pleroma.Web.AdminAPI.Report
   alias Pleroma.Web.AdminAPI.ReportView
   alias Pleroma.Web.CommonAPI
-  alias Pleroma.Web.MastodonAPI.AccountView
+  alias Pleroma.Web.MastodonAPI
   alias Pleroma.Web.MastodonAPI.StatusView
 
   test "renders a report" do
@@ -21,13 +24,13 @@ defmodule Pleroma.Web.AdminAPI.ReportViewTest do
       content: nil,
       actor:
         Map.merge(
-          AccountView.render("show.json", %{user: user}),
-          Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
+          MastodonAPI.AccountView.render("show.json", %{user: user, force: true}),
+          AdminAPI.AccountView.render("show.json", %{user: user})
         ),
       account:
         Map.merge(
-          AccountView.render("show.json", %{user: other_user}),
-          Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
+          MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}),
+          AdminAPI.AccountView.render("show.json", %{user: other_user})
         ),
       statuses: [],
       notes: [],
@@ -56,13 +59,13 @@ defmodule Pleroma.Web.AdminAPI.ReportViewTest do
       content: nil,
       actor:
         Map.merge(
-          AccountView.render("show.json", %{user: user}),
-          Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: user})
+          MastodonAPI.AccountView.render("show.json", %{user: user, force: true}),
+          AdminAPI.AccountView.render("show.json", %{user: user})
         ),
       account:
         Map.merge(
-          AccountView.render("show.json", %{user: other_user}),
-          Pleroma.Web.AdminAPI.AccountView.render("show.json", %{user: other_user})
+          MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}),
+          AdminAPI.AccountView.render("show.json", %{user: other_user})
         ),
       statuses: [StatusView.render("show.json", %{activity: activity})],
       state: "open",
diff --git a/test/web/mastodon_api/views/account_view_test.exs b/test/web/mastodon_api/views/account_view_test.exs
index a83bf90a3..2b18c2e43 100644
--- a/test/web/mastodon_api/views/account_view_test.exs
+++ b/test/web/mastodon_api/views/account_view_test.exs
@@ -95,7 +95,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       }
     }
 
-    assert expected == AccountView.render("show.json", %{user: user})
+    assert expected == AccountView.render("show.json", %{user: user, force: true})
   end
 
   test "Favicon is nil when :instances_favicons is disabled" do
@@ -108,11 +108,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                favicon:
                  "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png"
              }
-           } = AccountView.render("show.json", %{user: user})
+           } = AccountView.render("show.json", %{user: user, force: true})
 
     Config.put([:instances_favicons, :enabled], false)
 
-    assert %{pleroma: %{favicon: nil}} = AccountView.render("show.json", %{user: user})
+    assert %{pleroma: %{favicon: nil}} =
+             AccountView.render("show.json", %{user: user, force: true})
   end
 
   test "Represent the user account for the account owner" do
@@ -189,7 +190,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       }
     }
 
-    assert expected == AccountView.render("show.json", %{user: user})
+    assert expected == AccountView.render("show.json", %{user: user, force: true})
   end
 
   test "Represent a Funkwhale channel" do
@@ -198,7 +199,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
         "https://channels.tests.funkwhale.audio/federation/actors/compositions"
       )
 
-    assert represented = AccountView.render("show.json", %{user: user})
+    assert represented = AccountView.render("show.json", %{user: user, force: true})
     assert represented.acct == "compositions@channels.tests.funkwhale.audio"
     assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"
   end
@@ -223,6 +224,21 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
     assert expected == AccountView.render("mention.json", %{user: user})
   end
 
+  test "demands :for or :force option for account rendering" do
+    clear_config([:restrict_unauthenticated, :profiles, :local], false)
+
+    user = insert(:user)
+    user_id = user.id
+
+    assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil})
+    assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user})
+    assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, force: true})
+
+    assert_raise RuntimeError, ~r/:force or :for option is required/, fn ->
+      AccountView.render("show.json", %{user: user})
+    end
+  end
+
   describe "relationship" do
     defp test_relationship_rendering(user, other_user, expected_result) do
       opts = %{user: user, target: other_user, relationships: nil}
@@ -336,7 +352,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
 
     assert result.pleroma.settings_store == %{:fe => "test"}
 
-    result = AccountView.render("show.json", %{user: user, with_pleroma_settings: true})
+    result = AccountView.render("show.json", %{user: user, for: nil, with_pleroma_settings: true})
     assert result.pleroma[:settings_store] == nil
 
     result = AccountView.render("show.json", %{user: user, for: user})
@@ -345,13 +361,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
 
   test "doesn't sanitize display names" do
     user = insert(:user, name: "<marquee> username </marquee>")
-    result = AccountView.render("show.json", %{user: user})
+    result = AccountView.render("show.json", %{user: user, force: true})
     assert result.display_name == "<marquee> username </marquee>"
   end
 
   test "never display nil user follow counts" do
     user = insert(:user, following_count: 0, follower_count: 0)
-    result = AccountView.render("show.json", %{user: user})
+    result = AccountView.render("show.json", %{user: user, force: true})
 
     assert result.following_count == 0
     assert result.followers_count == 0
@@ -375,7 +391,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                followers_count: 0,
                following_count: 0,
                pleroma: %{hide_follows_count: true, hide_followers_count: true}
-             } = AccountView.render("show.json", %{user: user})
+             } = AccountView.render("show.json", %{user: user, force: true})
     end
 
     test "shows when follows/followers are hidden" do
@@ -388,7 +404,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                followers_count: 1,
                following_count: 1,
                pleroma: %{hide_follows: true, hide_followers: true}
-             } = AccountView.render("show.json", %{user: user})
+             } = AccountView.render("show.json", %{user: user, force: true})
     end
 
     test "shows actual follower/following count to the account owner" do
@@ -531,7 +547,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
         emoji: %{"joker_smile" => "https://evil.website/society.png"}
       )
 
-    AccountView.render("show.json", %{user: user})
+    AccountView.render("show.json", %{user: user, force: true})
     |> Enum.all?(fn
       {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
         String.starts_with?(url, Pleroma.Web.base_url())
diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs
index fa26b3129..d44e3f6e6 100644
--- a/test/web/mastodon_api/views/status_view_test.exs
+++ b/test/web/mastodon_api/views/status_view_test.exs
@@ -177,7 +177,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
       id: to_string(note.id),
       uri: object_data["id"],
       url: Pleroma.Web.Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :notice, note),
-      account: AccountView.render("show.json", %{user: user}),
+      account: AccountView.render("show.json", %{user: user, force: true}),
       in_reply_to_id: nil,
       in_reply_to_account_id: nil,
       card: nil,
diff --git a/test/web/pleroma_api/controllers/chat_controller_test.exs b/test/web/pleroma_api/controllers/chat_controller_test.exs
index 82e16741d..d71e80d03 100644
--- a/test/web/pleroma_api/controllers/chat_controller_test.exs
+++ b/test/web/pleroma_api/controllers/chat_controller_test.exs
@@ -332,5 +332,27 @@ defmodule Pleroma.Web.PleromaAPI.ChatControllerTest do
                chat_1.id |> to_string()
              ]
     end
+
+    test "it is not affected by :restrict_unauthenticated setting (issue #1973)", %{
+      conn: conn,
+      user: user
+    } do
+      clear_config([:restrict_unauthenticated, :profiles, :local], true)
+      clear_config([:restrict_unauthenticated, :profiles, :remote], true)
+
+      user2 = insert(:user)
+      user3 = insert(:user, local: false)
+
+      {:ok, _chat_12} = Chat.get_or_create(user.id, user2.ap_id)
+      {:ok, _chat_13} = Chat.get_or_create(user.id, user3.ap_id)
+
+      result =
+        conn
+        |> get("/api/v1/pleroma/chats")
+        |> json_response_and_validate_schema(200)
+
+      account_ids = Enum.map(result, &get_in(&1, ["account", "id"]))
+      assert Enum.sort(account_ids) == Enum.sort([user2.id, user3.id])
+    end
   end
 end
diff --git a/test/web/pleroma_api/views/chat_view_test.exs b/test/web/pleroma_api/views/chat_view_test.exs
index 14eecb1bd..46d47cd4f 100644
--- a/test/web/pleroma_api/views/chat_view_test.exs
+++ b/test/web/pleroma_api/views/chat_view_test.exs
@@ -26,7 +26,7 @@ defmodule Pleroma.Web.PleromaAPI.ChatViewTest do
 
     assert represented_chat == %{
              id: "#{chat.id}",
-             account: AccountView.render("show.json", user: recipient),
+             account: AccountView.render("show.json", user: recipient, force: true),
              unread: 0,
              last_message: nil,
              updated_at: Utils.to_masto_date(chat.updated_at)
diff --git a/test/web/twitter_api/twitter_api_test.exs b/test/web/twitter_api/twitter_api_test.exs
index 368533292..5bb2d8d89 100644
--- a/test/web/twitter_api/twitter_api_test.exs
+++ b/test/web/twitter_api/twitter_api_test.exs
@@ -4,11 +4,11 @@
 
 defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
   use Pleroma.DataCase
+
   alias Pleroma.Repo
   alias Pleroma.Tests.ObanHelpers
   alias Pleroma.User
   alias Pleroma.UserInviteToken
-  alias Pleroma.Web.MastodonAPI.AccountView
   alias Pleroma.Web.TwitterAPI.TwitterAPI
 
   setup_all do
@@ -27,13 +27,10 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
 
     {:ok, user} = TwitterAPI.register_user(data)
 
-    fetched_user = User.get_cached_by_nickname("lain")
-
-    assert AccountView.render("show.json", %{user: user}) ==
-             AccountView.render("show.json", %{user: fetched_user})
+    assert user == User.get_cached_by_nickname("lain")
   end
 
-  test "it registers a new user with empty string in bio and returns the user." do
+  test "it registers a new user with empty string in bio and returns the user" do
     data = %{
       :username => "lain",
       :email => "lain@wired.jp",
@@ -45,10 +42,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
 
     {:ok, user} = TwitterAPI.register_user(data)
 
-    fetched_user = User.get_cached_by_nickname("lain")
-
-    assert AccountView.render("show.json", %{user: user}) ==
-             AccountView.render("show.json", %{user: fetched_user})
+    assert user == User.get_cached_by_nickname("lain")
   end
 
   test "it sends confirmation email if :account_activation_required is specified in instance config" do
@@ -134,13 +128,10 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
 
       {:ok, user} = TwitterAPI.register_user(data)
 
-      fetched_user = User.get_cached_by_nickname("vinny")
-      invite = Repo.get_by(UserInviteToken, token: invite.token)
+      assert user == User.get_cached_by_nickname("vinny")
 
+      invite = Repo.get_by(UserInviteToken, token: invite.token)
       assert invite.used == true
-
-      assert AccountView.render("show.json", %{user: user}) ==
-               AccountView.render("show.json", %{user: fetched_user})
     end
 
     test "returns error on invalid token" do
@@ -197,10 +188,8 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
       check_fn = fn invite ->
         data = Map.put(data, :token, invite.token)
         {:ok, user} = TwitterAPI.register_user(data)
-        fetched_user = User.get_cached_by_nickname("vinny")
 
-        assert AccountView.render("show.json", %{user: user}) ==
-                 AccountView.render("show.json", %{user: fetched_user})
+        assert user == User.get_cached_by_nickname("vinny")
       end
 
       {:ok, data: data, check_fn: check_fn}
@@ -260,14 +249,11 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
       }
 
       {:ok, user} = TwitterAPI.register_user(data)
-      fetched_user = User.get_cached_by_nickname("vinny")
-      invite = Repo.get_by(UserInviteToken, token: invite.token)
+      assert user == User.get_cached_by_nickname("vinny")
 
+      invite = Repo.get_by(UserInviteToken, token: invite.token)
       assert invite.used == true
 
-      assert AccountView.render("show.json", %{user: user}) ==
-               AccountView.render("show.json", %{user: fetched_user})
-
       data = %{
         :username => "GrimReaper",
         :email => "death@reapers.afterlife",
@@ -302,13 +288,10 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
       }
 
       {:ok, user} = TwitterAPI.register_user(data)
-      fetched_user = User.get_cached_by_nickname("vinny")
-      invite = Repo.get_by(UserInviteToken, token: invite.token)
+      assert user == User.get_cached_by_nickname("vinny")
 
+      invite = Repo.get_by(UserInviteToken, token: invite.token)
       refute invite.used
-
-      assert AccountView.render("show.json", %{user: user}) ==
-               AccountView.render("show.json", %{user: fetched_user})
     end
 
     test "error after max uses" do
@@ -327,13 +310,11 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPITest do
       }
 
       {:ok, user} = TwitterAPI.register_user(data)
-      fetched_user = User.get_cached_by_nickname("vinny")
+      assert user == User.get_cached_by_nickname("vinny")
+
       invite = Repo.get_by(UserInviteToken, token: invite.token)
       assert invite.used == true
 
-      assert AccountView.render("show.json", %{user: user}) ==
-               AccountView.render("show.json", %{user: fetched_user})
-
       data = %{
         :username => "GrimReaper",
         :email => "death@reapers.afterlife",
-- 
cgit v1.2.3


From 9ea51a6de516b37341a9566d11d0110c2d87c1b6 Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Thu, 23 Jul 2020 15:08:30 +0300
Subject: [#2791] AccountView: renamed `:force` option to
 `:skip_visibility_check`.

---
 test/web/activity_pub/activity_pub_test.exs       |  3 ++-
 test/web/activity_pub/transmogrifier_test.exs     |  2 +-
 test/web/activity_pub/utils_test.exs              |  3 ++-
 test/web/admin_api/views/report_view_test.exs     | 14 ++++++++---
 test/web/mastodon_api/views/account_view_test.exs | 30 +++++++++++++----------
 test/web/mastodon_api/views/status_view_test.exs  |  2 +-
 test/web/pleroma_api/views/chat_view_test.exs     |  3 ++-
 7 files changed, 35 insertions(+), 22 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/activity_pub_test.exs b/test/web/activity_pub/activity_pub_test.exs
index 34905a928..d6eab7337 100644
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@@ -1179,7 +1179,8 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
         "id" => activity_ap_id,
         "content" => content,
         "published" => activity_with_object.object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: target_account, force: true})
+        "actor" =>
+          AccountView.render("show.json", %{user: target_account, skip_visibility_check: true})
       }
 
       assert %Activity{
diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index 01e18eace..2d089b19b 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -710,7 +710,7 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
         "id" => activity.data["id"],
         "content" => "test post",
         "published" => object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: user, force: true})
+        "actor" => AccountView.render("show.json", %{user: user, skip_visibility_check: true})
       }
 
       message = %{
diff --git a/test/web/activity_pub/utils_test.exs b/test/web/activity_pub/utils_test.exs
index ab984d486..d50213545 100644
--- a/test/web/activity_pub/utils_test.exs
+++ b/test/web/activity_pub/utils_test.exs
@@ -482,7 +482,8 @@ defmodule Pleroma.Web.ActivityPub.UtilsTest do
         "id" => activity_ap_id,
         "content" => content,
         "published" => activity.object.data["published"],
-        "actor" => AccountView.render("show.json", %{user: target_account, force: true})
+        "actor" =>
+          AccountView.render("show.json", %{user: target_account, skip_visibility_check: true})
       }
 
       assert %{
diff --git a/test/web/admin_api/views/report_view_test.exs b/test/web/admin_api/views/report_view_test.exs
index e171509e5..5a02292be 100644
--- a/test/web/admin_api/views/report_view_test.exs
+++ b/test/web/admin_api/views/report_view_test.exs
@@ -24,12 +24,15 @@ defmodule Pleroma.Web.AdminAPI.ReportViewTest do
       content: nil,
       actor:
         Map.merge(
-          MastodonAPI.AccountView.render("show.json", %{user: user, force: true}),
+          MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
           AdminAPI.AccountView.render("show.json", %{user: user})
         ),
       account:
         Map.merge(
-          MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}),
+          MastodonAPI.AccountView.render("show.json", %{
+            user: other_user,
+            skip_visibility_check: true
+          }),
           AdminAPI.AccountView.render("show.json", %{user: other_user})
         ),
       statuses: [],
@@ -59,12 +62,15 @@ defmodule Pleroma.Web.AdminAPI.ReportViewTest do
       content: nil,
       actor:
         Map.merge(
-          MastodonAPI.AccountView.render("show.json", %{user: user, force: true}),
+          MastodonAPI.AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
           AdminAPI.AccountView.render("show.json", %{user: user})
         ),
       account:
         Map.merge(
-          MastodonAPI.AccountView.render("show.json", %{user: other_user, force: true}),
+          MastodonAPI.AccountView.render("show.json", %{
+            user: other_user,
+            skip_visibility_check: true
+          }),
           AdminAPI.AccountView.render("show.json", %{user: other_user})
         ),
       statuses: [StatusView.render("show.json", %{activity: activity})],
diff --git a/test/web/mastodon_api/views/account_view_test.exs b/test/web/mastodon_api/views/account_view_test.exs
index 2b18c2e43..8f37efa3c 100644
--- a/test/web/mastodon_api/views/account_view_test.exs
+++ b/test/web/mastodon_api/views/account_view_test.exs
@@ -95,7 +95,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       }
     }
 
-    assert expected == AccountView.render("show.json", %{user: user, force: true})
+    assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})
   end
 
   test "Favicon is nil when :instances_favicons is disabled" do
@@ -108,12 +108,12 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                favicon:
                  "https://shitposter.club/plugins/Qvitter/img/gnusocial-favicons/favicon-16x16.png"
              }
-           } = AccountView.render("show.json", %{user: user, force: true})
+           } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
 
     Config.put([:instances_favicons, :enabled], false)
 
     assert %{pleroma: %{favicon: nil}} =
-             AccountView.render("show.json", %{user: user, force: true})
+             AccountView.render("show.json", %{user: user, skip_visibility_check: true})
   end
 
   test "Represent the user account for the account owner" do
@@ -190,7 +190,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
       }
     }
 
-    assert expected == AccountView.render("show.json", %{user: user, force: true})
+    assert expected == AccountView.render("show.json", %{user: user, skip_visibility_check: true})
   end
 
   test "Represent a Funkwhale channel" do
@@ -199,7 +199,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
         "https://channels.tests.funkwhale.audio/federation/actors/compositions"
       )
 
-    assert represented = AccountView.render("show.json", %{user: user, force: true})
+    assert represented =
+             AccountView.render("show.json", %{user: user, skip_visibility_check: true})
+
     assert represented.acct == "compositions@channels.tests.funkwhale.audio"
     assert represented.url == "https://channels.tests.funkwhale.audio/channels/compositions"
   end
@@ -224,7 +226,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
     assert expected == AccountView.render("mention.json", %{user: user})
   end
 
-  test "demands :for or :force option for account rendering" do
+  test "demands :for or :skip_visibility_check option for account rendering" do
     clear_config([:restrict_unauthenticated, :profiles, :local], false)
 
     user = insert(:user)
@@ -232,9 +234,11 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
 
     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: nil})
     assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, for: user})
-    assert %{id: ^user_id} = AccountView.render("show.json", %{user: user, force: true})
 
-    assert_raise RuntimeError, ~r/:force or :for option is required/, fn ->
+    assert %{id: ^user_id} =
+             AccountView.render("show.json", %{user: user, skip_visibility_check: true})
+
+    assert_raise RuntimeError, ~r/:skip_visibility_check or :for option is required/, fn ->
       AccountView.render("show.json", %{user: user})
     end
   end
@@ -361,13 +365,13 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
 
   test "doesn't sanitize display names" do
     user = insert(:user, name: "<marquee> username </marquee>")
-    result = AccountView.render("show.json", %{user: user, force: true})
+    result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
     assert result.display_name == "<marquee> username </marquee>"
   end
 
   test "never display nil user follow counts" do
     user = insert(:user, following_count: 0, follower_count: 0)
-    result = AccountView.render("show.json", %{user: user, force: true})
+    result = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
 
     assert result.following_count == 0
     assert result.followers_count == 0
@@ -391,7 +395,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                followers_count: 0,
                following_count: 0,
                pleroma: %{hide_follows_count: true, hide_followers_count: true}
-             } = AccountView.render("show.json", %{user: user, force: true})
+             } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
     end
 
     test "shows when follows/followers are hidden" do
@@ -404,7 +408,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
                followers_count: 1,
                following_count: 1,
                pleroma: %{hide_follows: true, hide_followers: true}
-             } = AccountView.render("show.json", %{user: user, force: true})
+             } = AccountView.render("show.json", %{user: user, skip_visibility_check: true})
     end
 
     test "shows actual follower/following count to the account owner" do
@@ -547,7 +551,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
         emoji: %{"joker_smile" => "https://evil.website/society.png"}
       )
 
-    AccountView.render("show.json", %{user: user, force: true})
+    AccountView.render("show.json", %{user: user, skip_visibility_check: true})
     |> Enum.all?(fn
       {key, url} when key in [:avatar, :avatar_static, :header, :header_static] ->
         String.starts_with?(url, Pleroma.Web.base_url())
diff --git a/test/web/mastodon_api/views/status_view_test.exs b/test/web/mastodon_api/views/status_view_test.exs
index d44e3f6e6..d97d818bb 100644
--- a/test/web/mastodon_api/views/status_view_test.exs
+++ b/test/web/mastodon_api/views/status_view_test.exs
@@ -177,7 +177,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do
       id: to_string(note.id),
       uri: object_data["id"],
       url: Pleroma.Web.Router.Helpers.o_status_url(Pleroma.Web.Endpoint, :notice, note),
-      account: AccountView.render("show.json", %{user: user, force: true}),
+      account: AccountView.render("show.json", %{user: user, skip_visibility_check: true}),
       in_reply_to_id: nil,
       in_reply_to_account_id: nil,
       card: nil,
diff --git a/test/web/pleroma_api/views/chat_view_test.exs b/test/web/pleroma_api/views/chat_view_test.exs
index 46d47cd4f..02484b705 100644
--- a/test/web/pleroma_api/views/chat_view_test.exs
+++ b/test/web/pleroma_api/views/chat_view_test.exs
@@ -26,7 +26,8 @@ defmodule Pleroma.Web.PleromaAPI.ChatViewTest do
 
     assert represented_chat == %{
              id: "#{chat.id}",
-             account: AccountView.render("show.json", user: recipient, force: true),
+             account:
+               AccountView.render("show.json", user: recipient, skip_visibility_check: true),
              unread: 0,
              last_message: nil,
              updated_at: Utils.to_masto_date(chat.updated_at)
-- 
cgit v1.2.3


From 4bfad0b483957acf755a043f33799742997da859 Mon Sep 17 00:00:00 2001
From: Mark Felder <feld@FreeBSD.org>
Date: Thu, 23 Jul 2020 12:59:40 -0500
Subject: Support blocking via query parameters as well and document the
 change.

---
 .../controllers/domain_block_controller_test.exs           | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/domain_block_controller_test.exs b/test/web/mastodon_api/controllers/domain_block_controller_test.exs
index 978290d62..664654500 100644
--- a/test/web/mastodon_api/controllers/domain_block_controller_test.exs
+++ b/test/web/mastodon_api/controllers/domain_block_controller_test.exs
@@ -32,6 +32,20 @@ defmodule Pleroma.Web.MastodonAPI.DomainBlockControllerTest do
     refute User.blocks?(user, other_user)
   end
 
+  test "blocking a domain via query params" do
+    %{user: user, conn: conn} = oauth_access(["write:blocks"])
+    other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
+
+    ret_conn =
+      conn
+      |> put_req_header("content-type", "application/json")
+      |> post("/api/v1/domain_blocks?domain=dogwhistle.zone")
+
+    assert %{} == json_response_and_validate_schema(ret_conn, 200)
+    user = User.get_cached_by_ap_id(user.ap_id)
+    assert User.blocks?(user, other_user)
+  end
+
   test "unblocking a domain via query params" do
     %{user: user, conn: conn} = oauth_access(["write:blocks"])
     other_user = insert(:user, %{ap_id: "https://dogwhistle.zone/@pundit"})
-- 
cgit v1.2.3


From 91f3cf9bc6e8e8567d20bb859ee0bb9854a20a07 Mon Sep 17 00:00:00 2001
From: Lain Soykaf <lain@soykaf.club>
Date: Fri, 24 Jul 2020 14:06:41 +0200
Subject: Pipeline: Add embedded object federation.

---
 test/web/activity_pub/pipeline_test.exs | 45 +++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/pipeline_test.exs b/test/web/activity_pub/pipeline_test.exs
index 8deb64501..202b5fe61 100644
--- a/test/web/activity_pub/pipeline_test.exs
+++ b/test/web/activity_pub/pipeline_test.exs
@@ -14,6 +14,51 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
       :ok
     end
 
+    test "when given an `embedded_object` in meta, Federation will receive a the original activity with the `object` field set to this embedded object" do
+      activity = insert(:note_activity)
+      object = %{"id" => "1", "type" => "Love"}
+      meta = [local: true, embedded_object: object]
+
+      activity_with_object = %{activity | data: Map.put(activity.data, "object", object)}
+
+      with_mocks([
+        {Pleroma.Web.ActivityPub.ObjectValidator, [], [validate: fn o, m -> {:ok, o, m} end]},
+        {
+          Pleroma.Web.ActivityPub.MRF,
+          [],
+          [filter: fn o -> {:ok, o} end]
+        },
+        {
+          Pleroma.Web.ActivityPub.ActivityPub,
+          [],
+          [persist: fn o, m -> {:ok, o, m} end]
+        },
+        {
+          Pleroma.Web.ActivityPub.SideEffects,
+          [],
+          [
+            handle: fn o, m -> {:ok, o, m} end,
+            handle_after_transaction: fn m -> m end
+          ]
+        },
+        {
+          Pleroma.Web.Federator,
+          [],
+          [publish: fn _o -> :ok end]
+        }
+      ]) do
+        assert {:ok, ^activity, ^meta} =
+                 Pleroma.Web.ActivityPub.Pipeline.common_pipeline(activity, meta)
+
+        assert_called(Pleroma.Web.ActivityPub.ObjectValidator.validate(activity, meta))
+        assert_called(Pleroma.Web.ActivityPub.MRF.filter(activity))
+        assert_called(Pleroma.Web.ActivityPub.ActivityPub.persist(activity, meta))
+        assert_called(Pleroma.Web.ActivityPub.SideEffects.handle(activity, meta))
+        refute called(Pleroma.Web.Federator.publish(activity))
+        assert_called(Pleroma.Web.Federator.publish(activity_with_object))
+      end
+    end
+
     test "it goes through validation, filtering, persisting, side effects and federation for local activities" do
       activity = insert(:note_activity)
       meta = [local: true]
-- 
cgit v1.2.3


From 3d13fb05f851d127d852ee9c26afa4dab61410ad Mon Sep 17 00:00:00 2001
From: Lain Soykaf <lain@soykaf.club>
Date: Fri, 24 Jul 2020 14:40:22 +0200
Subject: Side Effects: On undoing, put information about the undone object.

---
 test/web/activity_pub/side_effects_test.exs | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/side_effects_test.exs b/test/web/activity_pub/side_effects_test.exs
index 2649b060a..d48c235c0 100644
--- a/test/web/activity_pub/side_effects_test.exs
+++ b/test/web/activity_pub/side_effects_test.exs
@@ -312,8 +312,13 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
       }
     end
 
-    test "deletes the original block", %{block_undo: block_undo, block: block} do
-      {:ok, _block_undo, _} = SideEffects.handle(block_undo)
+    test "deletes the original block, but sets `embedded_object`", %{
+      block_undo: block_undo,
+      block: block
+    } do
+      {:ok, _block_undo, meta} = SideEffects.handle(block_undo)
+
+      assert meta[:embedded_object] == block.data
       refute Activity.get_by_id(block.id)
     end
 
-- 
cgit v1.2.3


From 1dd6de03ee655f5247ac62fee488307c934d7378 Mon Sep 17 00:00:00 2001
From: Lain Soykaf <lain@soykaf.club>
Date: Fri, 24 Jul 2020 14:54:13 +0200
Subject: CommonAPI Tests: Check that undoing objects federates them as embeds.

---
 test/web/common_api/common_api_test.exs | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

(limited to 'test/web')

diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs
index 7e11fede3..313dda21b 100644
--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@@ -624,14 +624,27 @@ defmodule Pleroma.Web.CommonAPITest do
       user = insert(:user)
       other_user = insert(:user)
 
-      {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe"})
-      {:ok, reaction} = CommonAPI.react_with_emoji(activity.id, user, "👍")
+      clear_config([:instance, :federating], true)
+
+      with_mock Pleroma.Web.Federator,
+        publish: fn _ -> nil end do
+        {:ok, activity} = CommonAPI.post(other_user, %{status: "cofe"})
+        {:ok, reaction} = CommonAPI.react_with_emoji(activity.id, user, "👍")
+
+        {:ok, unreaction} = CommonAPI.unreact_with_emoji(activity.id, user, "👍")
 
-      {:ok, unreaction} = CommonAPI.unreact_with_emoji(activity.id, user, "👍")
+        assert unreaction.data["type"] == "Undo"
+        assert unreaction.data["object"] == reaction.data["id"]
+        assert unreaction.local
 
-      assert unreaction.data["type"] == "Undo"
-      assert unreaction.data["object"] == reaction.data["id"]
-      assert unreaction.local
+        # On federation, it contains the undone (and deleted) object
+        unreaction_with_object = %{
+          unreaction
+          | data: Map.put(unreaction.data, "object", reaction.data)
+        }
+
+        assert called(Pleroma.Web.Federator.publish(unreaction_with_object))
+      end
     end
 
     test "repeating a status" do
-- 
cgit v1.2.3


From 9e6f4694dd21f92bb2292e819d0f7f1cad149887 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Mon, 27 Jul 2020 16:39:50 +0200
Subject: Pipeline: Unify embedded_object / object_data, move to validator.

---
 test/web/activity_pub/pipeline_test.exs     | 4 ++--
 test/web/activity_pub/side_effects_test.exs | 5 ++---
 2 files changed, 4 insertions(+), 5 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/pipeline_test.exs b/test/web/activity_pub/pipeline_test.exs
index 202b5fe61..f2a231eaf 100644
--- a/test/web/activity_pub/pipeline_test.exs
+++ b/test/web/activity_pub/pipeline_test.exs
@@ -14,10 +14,10 @@ defmodule Pleroma.Web.ActivityPub.PipelineTest do
       :ok
     end
 
-    test "when given an `embedded_object` in meta, Federation will receive a the original activity with the `object` field set to this embedded object" do
+    test "when given an `object_data` in meta, Federation will receive a the original activity with the `object` field set to this embedded object" do
       activity = insert(:note_activity)
       object = %{"id" => "1", "type" => "Love"}
-      meta = [local: true, embedded_object: object]
+      meta = [local: true, object_data: object]
 
       activity_with_object = %{activity | data: Map.put(activity.data, "object", object)}
 
diff --git a/test/web/activity_pub/side_effects_test.exs b/test/web/activity_pub/side_effects_test.exs
index d48c235c0..4a08eb7ee 100644
--- a/test/web/activity_pub/side_effects_test.exs
+++ b/test/web/activity_pub/side_effects_test.exs
@@ -312,13 +312,12 @@ defmodule Pleroma.Web.ActivityPub.SideEffectsTest do
       }
     end
 
-    test "deletes the original block, but sets `embedded_object`", %{
+    test "deletes the original block", %{
       block_undo: block_undo,
       block: block
     } do
-      {:ok, _block_undo, meta} = SideEffects.handle(block_undo)
+      {:ok, _block_undo, _meta} = SideEffects.handle(block_undo)
 
-      assert meta[:embedded_object] == block.data
       refute Activity.get_by_id(block.id)
     end
 
-- 
cgit v1.2.3


From f43518eb7433a6c50d635d6536c3fbe3a37ea82b Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Mon, 27 Jul 2020 19:19:14 -0500
Subject: Lint, fix test

---
 test/web/mastodon_api/controllers/account_controller_test.exs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index e6b283aab..1ba5bc964 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -1017,7 +1017,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
           password: "PlzDontHackLain",
           bio: "Test Bio",
           agreement: true,
-          reason: "I'm a cool dude, bro"
+          reason: "I am a cool dude, bro"
         })
 
       %{
@@ -1035,7 +1035,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       assert token_from_db.user.confirmation_pending
       assert token_from_db.user.approval_pending
 
-      assert token_from_db.user.registration_reason == "I'm a cool dude, bro"
+      assert token_from_db.user.registration_reason == "I am a cool dude, bro"
     end
 
     test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do
-- 
cgit v1.2.3


From f688c8df82b955b50552b3198ddc153a716451c2 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Mon, 27 Jul 2020 20:36:31 -0500
Subject: Fix User.registration_reason HTML sanitizing issues

---
 test/web/mastodon_api/controllers/account_controller_test.exs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index 1ba5bc964..e6b283aab 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -1017,7 +1017,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
           password: "PlzDontHackLain",
           bio: "Test Bio",
           agreement: true,
-          reason: "I am a cool dude, bro"
+          reason: "I'm a cool dude, bro"
         })
 
       %{
@@ -1035,7 +1035,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       assert token_from_db.user.confirmation_pending
       assert token_from_db.user.approval_pending
 
-      assert token_from_db.user.registration_reason == "I am a cool dude, bro"
+      assert token_from_db.user.registration_reason == "I'm a cool dude, bro"
     end
 
     test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do
-- 
cgit v1.2.3


From 3b7c454418700ca36c0a71272f913ea8c6e464e9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 28 Jul 2020 14:49:49 -0500
Subject: Let favourites and emoji reactions optionally be hidden

---
 .../controllers/status_controller_test.exs            | 15 +++++++++++++++
 .../controllers/emoji_reaction_controller_test.exs    | 19 +++++++++++++++++++
 2 files changed, 34 insertions(+)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/status_controller_test.exs b/test/web/mastodon_api/controllers/status_controller_test.exs
index d34f300da..e3f127163 100644
--- a/test/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/web/mastodon_api/controllers/status_controller_test.exs
@@ -21,6 +21,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
 
   setup do: clear_config([:instance, :federating])
   setup do: clear_config([:instance, :allow_relay])
+  setup do: clear_config([:instance, :show_reactions])
   setup do: clear_config([:rich_media, :enabled])
   setup do: clear_config([:mrf, :policies])
   setup do: clear_config([:mrf_keyword, :reject])
@@ -1432,6 +1433,20 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
       [%{"id" => id}] = response
       assert id == other_user.id
     end
+
+    test "returns empty array when :show_reactions is disabled", %{conn: conn, activity: activity} do
+      Pleroma.Config.put([:instance, :show_reactions], false)
+
+      other_user = insert(:user)
+      {:ok, _} = CommonAPI.favorite(other_user, activity.id)
+
+      response =
+        conn
+        |> get("/api/v1/statuses/#{activity.id}/favourited_by")
+        |> json_response_and_validate_schema(:ok)
+
+      assert Enum.empty?(response)
+    end
   end
 
   describe "GET /api/v1/statuses/:id/reblogged_by" do
diff --git a/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs b/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
index e1bb5ebfe..8af2ee03f 100644
--- a/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
+++ b/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
@@ -13,6 +13,8 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionControllerTest do
 
   import Pleroma.Factory
 
+  setup do: clear_config([:instance, :show_reactions])
+
   test "PUT /api/v1/pleroma/statuses/:id/reactions/:emoji", %{conn: conn} do
     user = insert(:user)
     other_user = insert(:user)
@@ -106,6 +108,23 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionControllerTest do
              result
   end
 
+  test "GET /api/v1/pleroma/statuses/:id/reactions with :show_reactions disabled", %{conn: conn} do
+    Pleroma.Config.put([:instance, :show_reactions], false)
+
+    user = insert(:user)
+    other_user = insert(:user)
+
+    {:ok, activity} = CommonAPI.post(user, %{status: "#cofe"})
+    {:ok, _} = CommonAPI.react_with_emoji(activity.id, other_user, "🎅")
+
+    result =
+      conn
+      |> get("/api/v1/pleroma/statuses/#{activity.id}/reactions")
+      |> json_response_and_validate_schema(200)
+
+    assert result == []
+  end
+
   test "GET /api/v1/pleroma/statuses/:id/reactions/:emoji", %{conn: conn} do
     user = insert(:user)
     other_user = insert(:user)
-- 
cgit v1.2.3


From 3c90f7f7156889a1f74950ab976819faa281df43 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Tue, 28 Jul 2020 18:55:29 -0500
Subject: SimpleMRF: Let instances be silenced

---
 test/web/activity_pub/mrf/simple_policy_test.exs | 47 ++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index e842d8d8d..510a31d80 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
   import Pleroma.Factory
   alias Pleroma.Config
   alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
+  alias Pleroma.Web.CommonAPI
 
   setup do:
           clear_config(:mrf_simple,
@@ -15,6 +16,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
             federated_timeline_removal: [],
             report_removal: [],
             reject: [],
+            silence: [],
             accept: [],
             avatar_removal: [],
             banner_removal: [],
@@ -261,6 +263,51 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
     end
   end
 
+  describe "when :silence" do
+    test "is empty" do
+      Config.put([:mrf_simple, :silence], [])
+      {_, ftl_message} = build_ftl_actor_and_message()
+      local_message = build_local_message()
+
+      assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
+      assert SimplePolicy.filter(local_message) == {:ok, local_message}
+    end
+
+    test "has a matching host" do
+      actor = insert(:user)
+      following_user = insert(:user)
+      non_following_user = insert(:user)
+
+      {:ok, _, _, _} = CommonAPI.follow(following_user, actor)
+
+      activity = %{
+        "actor" => actor.ap_id,
+        "to" => [
+          "https://www.w3.org/ns/activitystreams#Public",
+          following_user.ap_id,
+          non_following_user.ap_id
+        ],
+        "cc" => [actor.follower_address, "http://foo.bar/qux"]
+      }
+
+      actor_domain =
+        activity
+        |> Map.fetch!("actor")
+        |> URI.parse()
+        |> Map.fetch!(:host)
+
+      Config.put([:mrf_simple, :silence], [actor_domain])
+
+      assert {:ok, new_activity} = SimplePolicy.filter(activity)
+      assert actor.follower_address in new_activity["to"]
+      assert following_user.ap_id in new_activity["to"]
+      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["to"]
+      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
+      refute non_following_user.ap_id in new_activity["to"]
+      refute non_following_user.ap_id in new_activity["cc"]
+    end
+  end
+
   describe "when :accept" do
     test "is empty" do
       Config.put([:mrf_simple, :accept], [])
-- 
cgit v1.2.3


From 15b8446cdb1b5130d5feddc3369dd41417df7eda Mon Sep 17 00:00:00 2001
From: Maksim Pechnikov <parallel588@gmail.com>
Date: Wed, 29 Jul 2020 06:45:08 +0300
Subject: updated dev & test packages

---
 test/web/admin_api/controllers/report_controller_test.exs | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

(limited to 'test/web')

diff --git a/test/web/admin_api/controllers/report_controller_test.exs b/test/web/admin_api/controllers/report_controller_test.exs
index f30dc8956..57946e6bb 100644
--- a/test/web/admin_api/controllers/report_controller_test.exs
+++ b/test/web/admin_api/controllers/report_controller_test.exs
@@ -204,7 +204,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
     test "returns empty response when no reports created", %{conn: conn} do
       response =
         conn
-        |> get("/api/pleroma/admin/reports")
+        |> get(report_path(conn, :index))
         |> json_response_and_validate_schema(:ok)
 
       assert Enum.empty?(response["reports"])
@@ -224,7 +224,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
 
       response =
         conn
-        |> get("/api/pleroma/admin/reports")
+        |> get(report_path(conn, :index))
         |> json_response_and_validate_schema(:ok)
 
       [report] = response["reports"]
@@ -256,7 +256,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
 
       response =
         conn
-        |> get("/api/pleroma/admin/reports?state=open")
+        |> get(report_path(conn, :index, %{state: "open"}))
         |> json_response_and_validate_schema(:ok)
 
       assert [open_report] = response["reports"]
@@ -268,7 +268,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
 
       response =
         conn
-        |> get("/api/pleroma/admin/reports?state=closed")
+        |> get(report_path(conn, :index, %{state: "closed"}))
         |> json_response_and_validate_schema(:ok)
 
       assert [closed_report] = response["reports"]
@@ -280,9 +280,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
 
       assert %{"total" => 0, "reports" => []} ==
                conn
-               |> get("/api/pleroma/admin/reports?state=resolved", %{
-                 "" => ""
-               })
+               |> get(report_path(conn, :index, %{state: "resolved"}))
                |> json_response_and_validate_schema(:ok)
     end
 
-- 
cgit v1.2.3


From edf8b6abfeba487406db756254a00524e3a9dce2 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Wed, 29 Jul 2020 10:53:08 +0200
Subject: EnsureRePrepended: Don't break on chat messages.

---
 test/web/activity_pub/mrf/ensure_re_prepended_test.exs | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/ensure_re_prepended_test.exs b/test/web/activity_pub/mrf/ensure_re_prepended_test.exs
index 38ddec5bb..9a283f27d 100644
--- a/test/web/activity_pub/mrf/ensure_re_prepended_test.exs
+++ b/test/web/activity_pub/mrf/ensure_re_prepended_test.exs
@@ -78,5 +78,15 @@ defmodule Pleroma.Web.ActivityPub.MRF.EnsureRePrependedTest do
       assert {:ok, res} = EnsureRePrepended.filter(message)
       assert res == message
     end
+
+    test "it skips if the object is only a reference" do
+      message = %{
+        "type" => "Create",
+        "object" => "somereference"
+      }
+
+      assert {:ok, res} = EnsureRePrepended.filter(message)
+      assert res == message
+    end
   end
 end
-- 
cgit v1.2.3


From c25c21dd22202fe0fc827ef57e5a69631fa35bf7 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Wed, 29 Jul 2020 11:47:03 +0200
Subject: AccountController: Don't explicitly ask to keep users unconfirmed.

Confirmation is set in User.register_changeset based on the config
settings.
---
 .../controllers/account_controller_test.exs        | 68 +++++++++++++++++++++-
 1 file changed, 65 insertions(+), 3 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index c304487ea..a2332d2af 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -903,9 +903,73 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       [valid_params: valid_params]
     end
 
-    setup do: clear_config([:instance, :account_activation_required])
+    test "Account registration via Application, no confirmation required", %{conn: conn} do
+      clear_config([:instance, :account_activation_required], false)
+
+      conn =
+        conn
+        |> put_req_header("content-type", "application/json")
+        |> post("/api/v1/apps", %{
+          client_name: "client_name",
+          redirect_uris: "urn:ietf:wg:oauth:2.0:oob",
+          scopes: "read, write, follow"
+        })
+
+      assert %{
+               "client_id" => client_id,
+               "client_secret" => client_secret,
+               "id" => _,
+               "name" => "client_name",
+               "redirect_uri" => "urn:ietf:wg:oauth:2.0:oob",
+               "vapid_key" => _,
+               "website" => nil
+             } = json_response_and_validate_schema(conn, 200)
+
+      conn =
+        post(conn, "/oauth/token", %{
+          grant_type: "client_credentials",
+          client_id: client_id,
+          client_secret: client_secret
+        })
+
+      assert %{"access_token" => token, "refresh_token" => refresh, "scope" => scope} =
+               json_response(conn, 200)
+
+      assert token
+      token_from_db = Repo.get_by(Token, token: token)
+      assert token_from_db
+      assert refresh
+      assert scope == "read write follow"
+
+      conn =
+        build_conn()
+        |> put_req_header("content-type", "multipart/form-data")
+        |> put_req_header("authorization", "Bearer " <> token)
+        |> post("/api/v1/accounts", %{
+          username: "lain",
+          email: "lain@example.org",
+          password: "PlzDontHackLain",
+          bio: "Test Bio",
+          agreement: true
+        })
+
+      %{
+        "access_token" => token,
+        "created_at" => _created_at,
+        "scope" => ^scope,
+        "token_type" => "Bearer"
+      } = json_response_and_validate_schema(conn, 200)
+
+      token_from_db = Repo.get_by(Token, token: token)
+      assert token_from_db
+      token_from_db = Repo.preload(token_from_db, :user)
+      assert token_from_db.user
+      refute token_from_db.user.confirmation_pending
+    end
 
     test "Account registration via Application", %{conn: conn} do
+      clear_config([:instance, :account_activation_required], true)
+
       conn =
         conn
         |> put_req_header("content-type", "application/json")
@@ -1188,8 +1252,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         assert token_from_db
         token_from_db = Repo.preload(token_from_db, :user)
         assert token_from_db.user
-
-        assert token_from_db.user.confirmation_pending
       end
 
       conn =
-- 
cgit v1.2.3


From 2e27847573e91946e6777f9aa18b9cf9ccaf820d Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Wed, 29 Jul 2020 14:02:02 +0200
Subject: feed/user_controller: Return 404 when the user is remote

---
 test/web/feed/user_controller_test.exs | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'test/web')

diff --git a/test/web/feed/user_controller_test.exs b/test/web/feed/user_controller_test.exs
index fa2ed1ea5..0d2a61967 100644
--- a/test/web/feed/user_controller_test.exs
+++ b/test/web/feed/user_controller_test.exs
@@ -181,6 +181,17 @@ defmodule Pleroma.Web.Feed.UserControllerTest do
 
       assert activity_titles == ['public', 'unlisted']
     end
+
+    test "returns 404 when the user is remote", %{conn: conn} do
+      user = insert(:user, local: false)
+
+      {:ok, _} = CommonAPI.post(user, %{status: "test"})
+
+      assert conn
+             |> put_req_header("accept", "application/atom+xml")
+             |> get(user_feed_path(conn, :feed, user.nickname))
+             |> response(404)
+    end
   end
 
   # Note: see ActivityPubControllerTest for JSON format tests
-- 
cgit v1.2.3


From 026a51cb27e250a55a03c509390390e8141dc290 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Wed, 29 Jul 2020 12:45:32 -0500
Subject: :show_reactions, add CHANGELOG.md, refactor test

---
 test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'test/web')

diff --git a/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs b/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
index 8af2ee03f..3deab30d1 100644
--- a/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
+++ b/test/web/pleroma_api/controllers/emoji_reaction_controller_test.exs
@@ -13,8 +13,6 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionControllerTest do
 
   import Pleroma.Factory
 
-  setup do: clear_config([:instance, :show_reactions])
-
   test "PUT /api/v1/pleroma/statuses/:id/reactions/:emoji", %{conn: conn} do
     user = insert(:user)
     other_user = insert(:user)
@@ -109,7 +107,7 @@ defmodule Pleroma.Web.PleromaAPI.EmojiReactionControllerTest do
   end
 
   test "GET /api/v1/pleroma/statuses/:id/reactions with :show_reactions disabled", %{conn: conn} do
-    Pleroma.Config.put([:instance, :show_reactions], false)
+    clear_config([:instance, :show_reactions], false)
 
     user = insert(:user)
     other_user = insert(:user)
-- 
cgit v1.2.3


From 00d090004eefdf6cf2cf644be1d4dcfdd8b0ba35 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Wed, 29 Jul 2020 12:50:11 -0500
Subject: :show_reactions, refactor the other test

---
 test/web/mastodon_api/controllers/status_controller_test.exs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/status_controller_test.exs b/test/web/mastodon_api/controllers/status_controller_test.exs
index e3f127163..5955d8334 100644
--- a/test/web/mastodon_api/controllers/status_controller_test.exs
+++ b/test/web/mastodon_api/controllers/status_controller_test.exs
@@ -21,7 +21,6 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
 
   setup do: clear_config([:instance, :federating])
   setup do: clear_config([:instance, :allow_relay])
-  setup do: clear_config([:instance, :show_reactions])
   setup do: clear_config([:rich_media, :enabled])
   setup do: clear_config([:mrf, :policies])
   setup do: clear_config([:mrf_keyword, :reject])
@@ -1435,7 +1434,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusControllerTest do
     end
 
     test "returns empty array when :show_reactions is disabled", %{conn: conn, activity: activity} do
-      Pleroma.Config.put([:instance, :show_reactions], false)
+      clear_config([:instance, :show_reactions], false)
 
       other_user = insert(:user)
       {:ok, _} = CommonAPI.favorite(other_user, activity.id)
-- 
cgit v1.2.3


From 93638935d783c092dabac51982426ebd98a21e0e Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Wed, 29 Jul 2020 12:58:08 -0500
Subject: SimpleMRF: :silence --> :followers_only

---
 test/web/activity_pub/mrf/simple_policy_test.exs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index 510a31d80..c0e82731b 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -16,7 +16,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
             federated_timeline_removal: [],
             report_removal: [],
             reject: [],
-            silence: [],
+            followers_only: [],
             accept: [],
             avatar_removal: [],
             banner_removal: [],
@@ -263,9 +263,9 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
     end
   end
 
-  describe "when :silence" do
+  describe "when :followers_only" do
     test "is empty" do
-      Config.put([:mrf_simple, :silence], [])
+      Config.put([:mrf_simple, :followers_only], [])
       {_, ftl_message} = build_ftl_actor_and_message()
       local_message = build_local_message()
 
@@ -296,7 +296,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
         |> URI.parse()
         |> Map.fetch!(:host)
 
-      Config.put([:mrf_simple, :silence], [actor_domain])
+      Config.put([:mrf_simple, :followers_only], [actor_domain])
 
       assert {:ok, new_activity} = SimplePolicy.filter(activity)
       assert actor.follower_address in new_activity["to"]
-- 
cgit v1.2.3


From e2e66e50d3066d48d8ef9200e7d221f5aeec4c44 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Thu, 30 Jul 2020 14:29:00 +0200
Subject: SimplePolicyTest: Add test for leaking DMs.

---
 test/web/activity_pub/mrf/simple_policy_test.exs | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index c0e82731b..9a1a7bdc8 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -290,6 +290,15 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
         "cc" => [actor.follower_address, "http://foo.bar/qux"]
       }
 
+      dm_activity = %{
+        "actor" => actor.ap_id,
+        "to" => [
+          following_user.ap_id,
+          non_following_user.ap_id
+        ],
+        "cc" => []
+      }
+
       actor_domain =
         activity
         |> Map.fetch!("actor")
@@ -305,6 +314,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
       refute non_following_user.ap_id in new_activity["to"]
       refute non_following_user.ap_id in new_activity["cc"]
+
+      assert {:ok, new_dm_activity} = SimplePolicy.filter(dm_activity)
+      assert new_dm_activity["to"] == [following_user.ap_id]
+      assert new_dm_activity["cc"] == []
     end
   end
 
-- 
cgit v1.2.3


From 781b270863b7a3dcf49c5b52c73aa60511c91a6c Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Thu, 30 Jul 2020 19:57:26 +0200
Subject: ChatMessageReferenceView: Display preview cards.

---
 .../views/chat/message_reference_view_test.exs            | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/pleroma_api/views/chat/message_reference_view_test.exs b/test/web/pleroma_api/views/chat/message_reference_view_test.exs
index e5b165255..40dbae3cd 100644
--- a/test/web/pleroma_api/views/chat/message_reference_view_test.exs
+++ b/test/web/pleroma_api/views/chat/message_reference_view_test.exs
@@ -43,7 +43,17 @@ defmodule Pleroma.Web.PleromaAPI.Chat.MessageReferenceViewTest do
     assert chat_message[:unread] == false
     assert match?([%{shortcode: "firefox"}], chat_message[:emojis])
 
-    {:ok, activity} = CommonAPI.post_chat_message(recipient, user, "gkgkgk", media_id: upload.id)
+    clear_config([:rich_media, :enabled], true)
+
+    Tesla.Mock.mock(fn
+      %{url: "https://example.com/ogp"} ->
+        %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")}
+    end)
+
+    {:ok, activity} =
+      CommonAPI.post_chat_message(recipient, user, "gkgkgk https://example.com/ogp",
+        media_id: upload.id
+      )
 
     object = Object.normalize(activity)
 
@@ -52,10 +62,11 @@ defmodule Pleroma.Web.PleromaAPI.Chat.MessageReferenceViewTest do
     chat_message_two = MessageReferenceView.render("show.json", chat_message_reference: cm_ref)
 
     assert chat_message_two[:id] == cm_ref.id
-    assert chat_message_two[:content] == "gkgkgk"
+    assert chat_message_two[:content] == object.data["content"]
     assert chat_message_two[:account_id] == recipient.id
     assert chat_message_two[:chat_id] == chat_message[:chat_id]
     assert chat_message_two[:attachment]
     assert chat_message_two[:unread] == true
+    assert chat_message_two[:card]
   end
 end
-- 
cgit v1.2.3


From 1dd162a5f75e6c2ef1813cd477e6d938127220d9 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Fri, 31 Jul 2020 09:57:30 +0200
Subject: SimplePolicy: Fix problem with DM leaks.

---
 test/web/activity_pub/mrf/simple_policy_test.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index 9a1a7bdc8..d7dde62c4 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -308,7 +308,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       Config.put([:mrf_simple, :followers_only], [actor_domain])
 
       assert {:ok, new_activity} = SimplePolicy.filter(activity)
-      assert actor.follower_address in new_activity["to"]
+      assert actor.follower_address in new_activity["cc"]
       assert following_user.ap_id in new_activity["to"]
       refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["to"]
       refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
-- 
cgit v1.2.3


From 27b0a8b15542c645f70937a124ab8190cc399313 Mon Sep 17 00:00:00 2001
From: Ivan Tashkinov <ivantashkinov@gmail.com>
Date: Fri, 31 Jul 2020 14:13:38 +0300
Subject: [#1985] Prevented force login on registration if account approval
 and/or email confirmation needed. Refactored login code in OAuthController,
 reused in AccountController. Added tests.

---
 .../controllers/account_controller_test.exs        | 73 +++++++++-------------
 1 file changed, 30 insertions(+), 43 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index 708f8b5b3..d390c3ce1 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -5,7 +5,6 @@
 defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
   use Pleroma.Web.ConnCase
 
-  alias Pleroma.Config
   alias Pleroma.Repo
   alias Pleroma.User
   alias Pleroma.Web.ActivityPub.ActivityPub
@@ -16,8 +15,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
   import Pleroma.Factory
 
   describe "account fetching" do
-    setup do: clear_config([:instance, :limit_to_local_content])
-
     test "works by id" do
       %User{id: user_id} = insert(:user)
 
@@ -42,7 +39,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
     end
 
     test "works by nickname for remote users" do
-      Config.put([:instance, :limit_to_local_content], false)
+      clear_config([:instance, :limit_to_local_content], false)
 
       user = insert(:user, nickname: "user@example.com", local: false)
 
@@ -53,7 +50,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
     end
 
     test "respects limit_to_local_content == :all for remote user nicknames" do
-      Config.put([:instance, :limit_to_local_content], :all)
+      clear_config([:instance, :limit_to_local_content], :all)
 
       user = insert(:user, nickname: "user@example.com", local: false)
 
@@ -63,7 +60,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
     end
 
     test "respects limit_to_local_content == :unauthenticated for remote user nicknames" do
-      Config.put([:instance, :limit_to_local_content], :unauthenticated)
+      clear_config([:instance, :limit_to_local_content], :unauthenticated)
 
       user = insert(:user, nickname: "user@example.com", local: false)
       reading_user = insert(:user)
@@ -903,8 +900,10 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       [valid_params: valid_params]
     end
 
-    test "Account registration via Application, no confirmation required", %{conn: conn} do
+    test "registers and logs in without :account_activation_required / :account_approval_required",
+         %{conn: conn} do
       clear_config([:instance, :account_activation_required], false)
+      clear_config([:instance, :account_approval_required], false)
 
       conn =
         conn
@@ -962,15 +961,16 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
 
       token_from_db = Repo.get_by(Token, token: token)
       assert token_from_db
-      token_from_db = Repo.preload(token_from_db, :user)
-      assert token_from_db.user
-      refute token_from_db.user.confirmation_pending
-    end
+      user = Repo.preload(token_from_db, :user).user
 
-    setup do: clear_config([:instance, :account_approval_required])
+      assert user
+      refute user.confirmation_pending
+      refute user.approval_pending
+    end
 
-    test "Account registration via Application", %{conn: conn} do
+    test "registers but does not log in with :account_activation_required", %{conn: conn} do
       clear_config([:instance, :account_activation_required], true)
+      clear_config([:instance, :account_approval_required], false)
 
       conn =
         conn
@@ -1019,23 +1019,18 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
           agreement: true
         })
 
-      %{
-        "access_token" => token,
-        "created_at" => _created_at,
-        "scope" => ^scope,
-        "token_type" => "Bearer"
-      } = json_response_and_validate_schema(conn, 200)
-
-      token_from_db = Repo.get_by(Token, token: token)
-      assert token_from_db
-      token_from_db = Repo.preload(token_from_db, :user)
-      assert token_from_db.user
+      response = json_response_and_validate_schema(conn, 200)
+      assert %{"identifier" => "missing_confirmed_email"} = response
+      refute response["access_token"]
+      refute response["token_type"]
 
-      assert token_from_db.user.confirmation_pending
+      user = Repo.get_by(User, email: "lain@example.org")
+      assert user.confirmation_pending
     end
 
-    test "Account registration via app with account_approval_required", %{conn: conn} do
-      Pleroma.Config.put([:instance, :account_approval_required], true)
+    test "registers but does not log in with :account_approval_required", %{conn: conn} do
+      clear_config([:instance, :account_approval_required], true)
+      clear_config([:instance, :account_activation_required], false)
 
       conn =
         conn
@@ -1085,21 +1080,15 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
           reason: "I'm a cool dude, bro"
         })
 
-      %{
-        "access_token" => token,
-        "created_at" => _created_at,
-        "scope" => ^scope,
-        "token_type" => "Bearer"
-      } = json_response_and_validate_schema(conn, 200)
-
-      token_from_db = Repo.get_by(Token, token: token)
-      assert token_from_db
-      token_from_db = Repo.preload(token_from_db, :user)
-      assert token_from_db.user
+      response = json_response_and_validate_schema(conn, 200)
+      assert %{"identifier" => "awaiting_approval"} = response
+      refute response["access_token"]
+      refute response["token_type"]
 
-      assert token_from_db.user.approval_pending
+      user = Repo.get_by(User, email: "lain@example.org")
 
-      assert token_from_db.user.registration_reason == "I'm a cool dude, bro"
+      assert user.approval_pending
+      assert user.registration_reason == "I'm a cool dude, bro"
     end
 
     test "returns error when user already registred", %{conn: conn, valid_params: valid_params} do
@@ -1153,11 +1142,9 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       end)
     end
 
-    setup do: clear_config([:instance, :account_activation_required])
-
     test "returns bad_request if missing email params when :account_activation_required is enabled",
          %{conn: conn, valid_params: valid_params} do
-      Pleroma.Config.put([:instance, :account_activation_required], true)
+      clear_config([:instance, :account_activation_required], true)
 
       app_token = insert(:oauth_token, user: nil)
 
-- 
cgit v1.2.3


From 010d77ec855245def7fa785357db6e43cf1f14c7 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Fri, 31 Jul 2020 15:17:09 +0000
Subject: Revert "Merge branch 'mrf-silence-2' into 'develop'"

This reverts merge request !2820
---
 test/web/activity_pub/mrf/simple_policy_test.exs | 60 ------------------------
 1 file changed, 60 deletions(-)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index d7dde62c4..e842d8d8d 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -7,7 +7,6 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
   import Pleroma.Factory
   alias Pleroma.Config
   alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
-  alias Pleroma.Web.CommonAPI
 
   setup do:
           clear_config(:mrf_simple,
@@ -16,7 +15,6 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
             federated_timeline_removal: [],
             report_removal: [],
             reject: [],
-            followers_only: [],
             accept: [],
             avatar_removal: [],
             banner_removal: [],
@@ -263,64 +261,6 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
     end
   end
 
-  describe "when :followers_only" do
-    test "is empty" do
-      Config.put([:mrf_simple, :followers_only], [])
-      {_, ftl_message} = build_ftl_actor_and_message()
-      local_message = build_local_message()
-
-      assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
-      assert SimplePolicy.filter(local_message) == {:ok, local_message}
-    end
-
-    test "has a matching host" do
-      actor = insert(:user)
-      following_user = insert(:user)
-      non_following_user = insert(:user)
-
-      {:ok, _, _, _} = CommonAPI.follow(following_user, actor)
-
-      activity = %{
-        "actor" => actor.ap_id,
-        "to" => [
-          "https://www.w3.org/ns/activitystreams#Public",
-          following_user.ap_id,
-          non_following_user.ap_id
-        ],
-        "cc" => [actor.follower_address, "http://foo.bar/qux"]
-      }
-
-      dm_activity = %{
-        "actor" => actor.ap_id,
-        "to" => [
-          following_user.ap_id,
-          non_following_user.ap_id
-        ],
-        "cc" => []
-      }
-
-      actor_domain =
-        activity
-        |> Map.fetch!("actor")
-        |> URI.parse()
-        |> Map.fetch!(:host)
-
-      Config.put([:mrf_simple, :followers_only], [actor_domain])
-
-      assert {:ok, new_activity} = SimplePolicy.filter(activity)
-      assert actor.follower_address in new_activity["cc"]
-      assert following_user.ap_id in new_activity["to"]
-      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["to"]
-      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
-      refute non_following_user.ap_id in new_activity["to"]
-      refute non_following_user.ap_id in new_activity["cc"]
-
-      assert {:ok, new_dm_activity} = SimplePolicy.filter(dm_activity)
-      assert new_dm_activity["to"] == [following_user.ap_id]
-      assert new_dm_activity["cc"] == []
-    end
-  end
-
   describe "when :accept" do
     test "is empty" do
       Config.put([:mrf_simple, :accept], [])
-- 
cgit v1.2.3


From 4b18a07392558401c88a60db3751feefd9481e13 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Fri, 31 Jul 2020 15:18:04 +0000
Subject: Revert "Merge branch 'revert-1ac0969c' into 'develop'"

This reverts merge request !2825
---
 test/web/activity_pub/mrf/simple_policy_test.exs | 60 ++++++++++++++++++++++++
 1 file changed, 60 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/simple_policy_test.exs b/test/web/activity_pub/mrf/simple_policy_test.exs
index e842d8d8d..d7dde62c4 100644
--- a/test/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/web/activity_pub/mrf/simple_policy_test.exs
@@ -7,6 +7,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
   import Pleroma.Factory
   alias Pleroma.Config
   alias Pleroma.Web.ActivityPub.MRF.SimplePolicy
+  alias Pleroma.Web.CommonAPI
 
   setup do:
           clear_config(:mrf_simple,
@@ -15,6 +16,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
             federated_timeline_removal: [],
             report_removal: [],
             reject: [],
+            followers_only: [],
             accept: [],
             avatar_removal: [],
             banner_removal: [],
@@ -261,6 +263,64 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
     end
   end
 
+  describe "when :followers_only" do
+    test "is empty" do
+      Config.put([:mrf_simple, :followers_only], [])
+      {_, ftl_message} = build_ftl_actor_and_message()
+      local_message = build_local_message()
+
+      assert SimplePolicy.filter(ftl_message) == {:ok, ftl_message}
+      assert SimplePolicy.filter(local_message) == {:ok, local_message}
+    end
+
+    test "has a matching host" do
+      actor = insert(:user)
+      following_user = insert(:user)
+      non_following_user = insert(:user)
+
+      {:ok, _, _, _} = CommonAPI.follow(following_user, actor)
+
+      activity = %{
+        "actor" => actor.ap_id,
+        "to" => [
+          "https://www.w3.org/ns/activitystreams#Public",
+          following_user.ap_id,
+          non_following_user.ap_id
+        ],
+        "cc" => [actor.follower_address, "http://foo.bar/qux"]
+      }
+
+      dm_activity = %{
+        "actor" => actor.ap_id,
+        "to" => [
+          following_user.ap_id,
+          non_following_user.ap_id
+        ],
+        "cc" => []
+      }
+
+      actor_domain =
+        activity
+        |> Map.fetch!("actor")
+        |> URI.parse()
+        |> Map.fetch!(:host)
+
+      Config.put([:mrf_simple, :followers_only], [actor_domain])
+
+      assert {:ok, new_activity} = SimplePolicy.filter(activity)
+      assert actor.follower_address in new_activity["cc"]
+      assert following_user.ap_id in new_activity["to"]
+      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["to"]
+      refute "https://www.w3.org/ns/activitystreams#Public" in new_activity["cc"]
+      refute non_following_user.ap_id in new_activity["to"]
+      refute non_following_user.ap_id in new_activity["cc"]
+
+      assert {:ok, new_dm_activity} = SimplePolicy.filter(dm_activity)
+      assert new_dm_activity["to"] == [following_user.ap_id]
+      assert new_dm_activity["cc"] == []
+    end
+  end
+
   describe "when :accept" do
     test "is empty" do
       Config.put([:mrf_simple, :accept], [])
-- 
cgit v1.2.3


From 10c792110e6ea8ed21f739ef8f4f0eff4659ebf9 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Mon, 3 Aug 2020 14:12:32 +0200
Subject: MRF Object Age Policy: Don't break on messages without cc/to

---
 .../activity_pub/mrf/object_age_policy_test.exs    | 42 ++++++++++++++++++++++
 1 file changed, 42 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/object_age_policy_test.exs b/test/web/activity_pub/mrf/object_age_policy_test.exs
index b0fb753bd..cf6acc9a2 100644
--- a/test/web/activity_pub/mrf/object_age_policy_test.exs
+++ b/test/web/activity_pub/mrf/object_age_policy_test.exs
@@ -38,6 +38,17 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
   end
 
   describe "with reject action" do
+    test "works with objects with empty to or cc fields" do
+      Config.put([:mrf_object_age, :actions], [:reject])
+
+      data =
+        get_old_message()
+        |> Map.put("cc", nil)
+        |> Map.put("to", nil)
+
+      assert match?({:reject, _}, ObjectAgePolicy.filter(data))
+    end
+
     test "it rejects an old post" do
       Config.put([:mrf_object_age, :actions], [:reject])
 
@@ -56,6 +67,21 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
   end
 
   describe "with delist action" do
+    test "works with objects with empty to or cc fields" do
+      Config.put([:mrf_object_age, :actions], [:delist])
+
+      data =
+        get_old_message()
+        |> Map.put("cc", nil)
+        |> Map.put("to", nil)
+
+      {:ok, _u} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, data} = ObjectAgePolicy.filter(data)
+
+      assert Visibility.get_visibility(%{data: data}) == "unlisted"
+    end
+
     test "it delists an old post" do
       Config.put([:mrf_object_age, :actions], [:delist])
 
@@ -80,6 +106,22 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do
   end
 
   describe "with strip_followers action" do
+    test "works with objects with empty to or cc fields" do
+      Config.put([:mrf_object_age, :actions], [:strip_followers])
+
+      data =
+        get_old_message()
+        |> Map.put("cc", nil)
+        |> Map.put("to", nil)
+
+      {:ok, user} = User.get_or_fetch_by_ap_id(data["actor"])
+
+      {:ok, data} = ObjectAgePolicy.filter(data)
+
+      refute user.follower_address in data["to"]
+      refute user.follower_address in data["cc"]
+    end
+
     test "it strips followers collections from an old post" do
       Config.put([:mrf_object_age, :actions], [:strip_followers])
 
-- 
cgit v1.2.3


From de3bdc63adac0141500bdc2692124cd104330bda Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Mon, 3 Aug 2020 15:00:14 +0200
Subject: AccountControllerTest: Add test for message returned.

---
 .../controllers/account_controller_test.exs        | 29 ++++++++++++++++------
 1 file changed, 22 insertions(+), 7 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index d390c3ce1..2cb388655 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -940,17 +940,32 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
       assert refresh
       assert scope == "read write follow"
 
+      clear_config([User, :email_blacklist], ["example.org"])
+
+      params = %{
+        username: "lain",
+        email: "lain@example.org",
+        password: "PlzDontHackLain",
+        bio: "Test Bio",
+        agreement: true
+      }
+
       conn =
         build_conn()
         |> put_req_header("content-type", "multipart/form-data")
         |> put_req_header("authorization", "Bearer " <> token)
-        |> post("/api/v1/accounts", %{
-          username: "lain",
-          email: "lain@example.org",
-          password: "PlzDontHackLain",
-          bio: "Test Bio",
-          agreement: true
-        })
+        |> post("/api/v1/accounts", params)
+
+      assert %{"error" => "{\"email\":[\"Email domain is blacklisted\"]}"} =
+               json_response_and_validate_schema(conn, 400)
+
+      Pleroma.Config.put([User, :email_blacklist], [])
+
+      conn =
+        build_conn()
+        |> put_req_header("content-type", "multipart/form-data")
+        |> put_req_header("authorization", "Bearer " <> token)
+        |> post("/api/v1/accounts", params)
 
       %{
         "access_token" => token,
-- 
cgit v1.2.3


From 058daf498f10e58221bd29a42799f52e56a800a9 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Mon, 3 Aug 2020 19:57:53 -0500
Subject: Email blacklist: Update response phrasing

---
 test/web/mastodon_api/controllers/account_controller_test.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index 2cb388655..86e3ac3e7 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -956,7 +956,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         |> put_req_header("authorization", "Bearer " <> token)
         |> post("/api/v1/accounts", params)
 
-      assert %{"error" => "{\"email\":[\"Email domain is blacklisted\"]}"} =
+      assert %{"error" => "{\"credentials\":[\"Invalid credentials\"]}"} =
                json_response_and_validate_schema(conn, 400)
 
       Pleroma.Config.put([User, :email_blacklist], [])
-- 
cgit v1.2.3


From 4f57e85ab9c80fb7cb51428cef978793ba22971c Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Mon, 3 Aug 2020 22:20:49 -0500
Subject: Email blacklist: Update phrasing again

---
 test/web/mastodon_api/controllers/account_controller_test.exs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/controllers/account_controller_test.exs b/test/web/mastodon_api/controllers/account_controller_test.exs
index 86e3ac3e7..17a1e7d66 100644
--- a/test/web/mastodon_api/controllers/account_controller_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller_test.exs
@@ -956,7 +956,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountControllerTest do
         |> put_req_header("authorization", "Bearer " <> token)
         |> post("/api/v1/accounts", params)
 
-      assert %{"error" => "{\"credentials\":[\"Invalid credentials\"]}"} =
+      assert %{"error" => "{\"email\":[\"Invalid email\"]}"} =
                json_response_and_validate_schema(conn, 400)
 
       Pleroma.Config.put([User, :email_blacklist], [])
-- 
cgit v1.2.3


From e92c040ad3d0cc568ea0dc4b79f207a392c7c90f Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 4 Aug 2020 14:08:12 +0200
Subject: CommonAPITest: Add test that deactivated users can't post.

---
 test/web/common_api/common_api_test.exs | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'test/web')

diff --git a/test/web/common_api/common_api_test.exs b/test/web/common_api/common_api_test.exs
index 313dda21b..4ba6232dc 100644
--- a/test/web/common_api/common_api_test.exs
+++ b/test/web/common_api/common_api_test.exs
@@ -458,6 +458,11 @@ defmodule Pleroma.Web.CommonAPITest do
   end
 
   describe "posting" do
+    test "deactivated users can't post" do
+      user = insert(:user, deactivated: true)
+      assert {:error, _} = CommonAPI.post(user, %{status: "ye"})
+    end
+
     test "it supports explicit addressing" do
       user = insert(:user)
       user_two = insert(:user)
-- 
cgit v1.2.3


From 0cfadcf2caf84e2db944036576bad888a9707ff1 Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 4 Aug 2020 14:15:32 +0200
Subject: TransmogrifierTest: Add test for deactivated users

---
 test/web/activity_pub/transmogrifier_test.exs | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/transmogrifier_test.exs b/test/web/activity_pub/transmogrifier_test.exs
index 7d33feaf2..828964a36 100644
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@@ -163,6 +163,14 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
              end) =~ "[warn] Couldn't fetch \"https://404.site/whatever\", error: nil"
     end
 
+    test "it does not work for deactivated users" do
+      data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
+
+      insert(:user, ap_id: data["actor"], deactivated: true)
+
+      assert {:error, _} = Transmogrifier.handle_incoming(data)
+    end
+
     test "it works for incoming notices" do
       data = File.read!("test/fixtures/mastodon-post-activity.json") |> Poison.decode!()
 
-- 
cgit v1.2.3


From 1a00713744803824b16efd575c9c6880b1d1a57e Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 4 Aug 2020 14:17:03 +0200
Subject: CommonValidations: Treat deactivated users as not present.

---
 .../activity_pub/transmogrifier/chat_message_test.exs  | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/transmogrifier/chat_message_test.exs b/test/web/activity_pub/transmogrifier/chat_message_test.exs
index d6736dc3e..31274c067 100644
--- a/test/web/activity_pub/transmogrifier/chat_message_test.exs
+++ b/test/web/activity_pub/transmogrifier/chat_message_test.exs
@@ -124,6 +124,24 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.ChatMessageTest do
       {:ok, %Activity{} = _activity} = Transmogrifier.handle_incoming(data)
     end
 
+    test "it doesn't work for deactivated users" do
+      data =
+        File.read!("test/fixtures/create-chat-message.json")
+        |> Poison.decode!()
+
+      _author =
+        insert(:user,
+          ap_id: data["actor"],
+          local: false,
+          last_refreshed_at: DateTime.utc_now(),
+          deactivated: true
+        )
+
+      _recipient = insert(:user, ap_id: List.first(data["to"]), local: true)
+
+      assert {:error, _} = Transmogrifier.handle_incoming(data)
+    end
+
     test "it inserts it and creates a chat" do
       data =
         File.read!("test/fixtures/create-chat-message.json")
-- 
cgit v1.2.3


From 36aa34a1a8c489f74a9821095d823f8060afac5f Mon Sep 17 00:00:00 2001
From: lain <lain@soykaf.club>
Date: Tue, 4 Aug 2020 15:08:51 +0200
Subject: MastodonAPITest: Do the needful

---
 test/web/mastodon_api/mastodon_api_test.exs | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'test/web')

diff --git a/test/web/mastodon_api/mastodon_api_test.exs b/test/web/mastodon_api/mastodon_api_test.exs
index c08be37d4..0c5a38bf6 100644
--- a/test/web/mastodon_api/mastodon_api_test.exs
+++ b/test/web/mastodon_api/mastodon_api_test.exs
@@ -17,8 +17,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPITest do
     test "returns error when followed user is deactivated" do
       follower = insert(:user)
       user = insert(:user, local: true, deactivated: true)
-      {:error, error} = MastodonAPI.follow(follower, user)
-      assert error == :rejected
+      assert {:error, _error} = MastodonAPI.follow(follower, user)
     end
 
     test "following for user" do
-- 
cgit v1.2.3


From 91fbb5b21f9d8f098c9796eb4dd917bcd1e92404 Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Tue, 4 Aug 2020 18:26:37 +0400
Subject: Fix ActivityExpirationPolicy

---
 test/web/activity_pub/mrf/activity_expiration_policy_test.exs | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'test/web')

diff --git a/test/web/activity_pub/mrf/activity_expiration_policy_test.exs b/test/web/activity_pub/mrf/activity_expiration_policy_test.exs
index 8babf49e7..f25cf8b12 100644
--- a/test/web/activity_pub/mrf/activity_expiration_policy_test.exs
+++ b/test/web/activity_pub/mrf/activity_expiration_policy_test.exs
@@ -7,11 +7,13 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
   alias Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicy
 
   @id Pleroma.Web.Endpoint.url() <> "/activities/cofe"
+  @local_actor Pleroma.Web.Endpoint.url() <> "/users/cofe"
 
   test "adds `expires_at` property" do
     assert {:ok, %{"type" => "Create", "expires_at" => expires_at}} =
              ActivityExpirationPolicy.filter(%{
                "id" => @id,
+               "actor" => @local_actor,
                "type" => "Create",
                "object" => %{"type" => "Note"}
              })
@@ -25,6 +27,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
     assert {:ok, %{"type" => "Create", "expires_at" => ^expires_at}} =
              ActivityExpirationPolicy.filter(%{
                "id" => @id,
+               "actor" => @local_actor,
                "type" => "Create",
                "expires_at" => expires_at,
                "object" => %{"type" => "Note"}
@@ -37,6 +40,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
     assert {:ok, %{"type" => "Create", "expires_at" => expires_at}} =
              ActivityExpirationPolicy.filter(%{
                "id" => @id,
+               "actor" => @local_actor,
                "type" => "Create",
                "expires_at" => too_distant_future,
                "object" => %{"type" => "Note"}
@@ -49,6 +53,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
     assert {:ok, activity} =
              ActivityExpirationPolicy.filter(%{
                "id" => "https://example.com/123",
+               "actor" => "https://example.com/users/cofe",
                "type" => "Create",
                "object" => %{"type" => "Note"}
              })
@@ -60,6 +65,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
     assert {:ok, activity} =
              ActivityExpirationPolicy.filter(%{
                "id" => "https://example.com/123",
+               "actor" => "https://example.com/users/cofe",
                "type" => "Follow"
              })
 
@@ -68,6 +74,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ActivityExpirationPolicyTest do
     assert {:ok, activity} =
              ActivityExpirationPolicy.filter(%{
                "id" => "https://example.com/123",
+               "actor" => "https://example.com/users/cofe",
                "type" => "Create",
                "object" => %{"type" => "Cofe"}
              })
-- 
cgit v1.2.3


From 184742af5eed2c48ba8518f1e114cbe0655ad467 Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Mon, 3 Aug 2020 22:32:51 -0500
Subject: Unique apps.client_id for new installations, fixes #2022

---
 test/web/oauth/app_test.exs | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'test/web')

diff --git a/test/web/oauth/app_test.exs b/test/web/oauth/app_test.exs
index 899af648e..993a490e0 100644
--- a/test/web/oauth/app_test.exs
+++ b/test/web/oauth/app_test.exs
@@ -29,5 +29,16 @@ defmodule Pleroma.Web.OAuth.AppTest do
       assert exist_app.id == app.id
       assert exist_app.scopes == ["read", "write", "follow", "push"]
     end
+
+    test "has unique client_id" do
+      insert(:oauth_app, client_name: "", redirect_uris: "", client_id: "boop")
+
+      error =
+        catch_error(insert(:oauth_app, client_name: "", redirect_uris: "", client_id: "boop"))
+
+      assert %Ecto.ConstraintError{} = error
+      assert error.constraint == "apps_client_id_index"
+      assert error.type == :unique
+    end
   end
 end
-- 
cgit v1.2.3